Logical Methods in Computer Science 
Vol. 8(3:3)2012, pp. 1-44 
www.lmcs-online.org 



Submitted Feb. 29, 2012 
Published Oct. 10, 2012 



FULL ABSTRACTION FOR THE RESOURCE LAMBDA CALCULUS 
WITH TESTS, THROUGH TAYLOR EXPANSION* 

ANTONIO BUCCIARELLI a , ALBERTO CARRARO b , THOMAS EHRHARD c , 
AND GIULIO MANZONETTO d 

a Univ Paris Diderot, Sorbonne Paris Cite, PPS, UMR 7126, CNRS, F-75205 Paris, France 
e-mail address: antonio.bucciarelli@pps.jussieu.fr 

b Università Ca'Foscari, Via Torino 155, 30172 Mestre, Venice, Italia 
e-mail address: acarraro@dsi.unive.it 

c CNRS, PPS, UMR 7126, Univ Paris Diderot, Sorbonne Paris Cite, F-75205 Paris, France 
e-mail address: thomas.ehrhard@pps.jussieu.fr 

d Univ Paris 13, Sorbonne Paris Cite, LIPN, UMR 7030, CNRS, F-93430 Villetaneuse, France 
e-mail address: giulio.manzonetto@lipn.univ-paris13.fr 



Abstract. We study the semantics of a resource-sensitive extension of the lambda calcu- 
lus in a canonical reflexive object of a category of sets and relations, a relational version of 
Scott's original model of the pure lambda calculus. This calculus is related to Boudol's re- 
source calculus and is derived from Ehrhard and Regnier's differential extension of Linear 
Logic and of the lambda calculus. We extend it with new constructions, to be under- 
stood as implementing a very simple exception mechanism, and with a "must" parallel 
composition. These new operations allow to associate a context of this calculus with any 
point of the model and to prove full abstraction for the finite sub-calculus where ordinary 
lambda calculus application is not allowed. The result is then extended to the full calculus 
by means of a Taylor Expansion formula. As an intermediate result we prove that the 
exception mechanism is not essential in the finite sub-calculus. 



In concurrent calculi like CCS [23], guarded processes are resources that can be used only 
once by other processes. This fundamental linearity of resources leads naturally to 
non-determinism, since several agents (senders and receivers) can interact on the same channel. 
In general, various synchronization scenarios are possible, giving rise to different behaviours. 
On the other hand in the λ-calculus [1], a function (receiver) can duplicate its argument 
(sender) arbitrarily. Thanks to this asymmetry, the λ-calculus enjoys a strong determinism 
(namely, the Church-Rosser Theorem), but for the same reason it lacks any form of control 
on resource handling. 

Resource Lambda Calculi. Resource λ-calculi stem from an attempt to combine 
the functionality of the λ-calculus and the resource-sensitivity of process calculi. Boudol 
has been the first to design a resource-conscious functional programming language, the 
resource λ-calculus [I], extending the usual one along two directions. First, a function 
is not necessarily applied to a single argument, but can also be applied to a multiset of 
arguments called resources. Second, a resource can be either linear (it must be used exactly 
once) or reusable (it can be used ad libitum). In this context, the evaluation of a function 
applied to a multiset of resources gives rise to several possible choices, corresponding to the 
different possibilities of distributing the resources in the multiset among the occurrences of 
the formal parameter. From the viewpoint of concurrent programming, this was a natural 
step to take since one of the main features of this programming setting is the consumption 
of resources which cannot be copied. Milner's π-calculus [24] features this phenomenon in 
great generality, and Boudol's calculus keeps track of it in a functional setting. 

Together with Regnier, Ehrhard observed that this idea of resource consumption can be 
understood as resulting from a differential extension of λ-calculus (and of Linear Logic) [11]. 
Instead of considering two kinds of resources, they defined two kinds of applications: the 
ordinary application and a linear one. In a simply typed setting, linear application of a 
term $M : A \to B$ to a multiset made of $n$ terms $N_1, \dots, N_n : A$, combined with ordinary 
application to a term $N : A$, corresponds to computing $M^{(n)}(N)(N_1, \dots, N_n)$, where $M^{(n)}$ 
is the $n$-th derivative of $M$ which is of type $A \to (A^n \to B)$ and associates a symmetric 
$n$-linear map with any element of $A$. The symmetry of this multilinear map corresponds to 
Schwarz's Theorem and is implemented in the resource λ-calculus by the use of multisets for 
representing linear applications. A notable advantage of this approach is that it allows to 
apply powerful methods from differential calculus in the context of λ-calculus. For instance, 
iterated differentiation yields very naturally a Taylor expansion formula, which consists in 
expanding the ordinary application into several linear applications of the differential 
λ-calculus. More precisely, if $M : A \to B$ and $N : A$ are λ-terms, then the Taylor expansion 
of $MN$ is given by 




in analogy with the standard Taylor formula of the entire functions. The Taylor expansion 
has been studied in [14] where the authors relate it to the Böhm tree of a λ-term, giving 
the intuition that the former is a resource conscious improvement of the latter. 

The main difference between Boudol's resource λ-calculus and Ehrhard and Regnier's 
differential λ-calculus is that the first is lazy — this means that in many cases linear 
substitutions must be delayed. To that effect, the calculus features a linear explicit substitution 
mechanism. Moreover, it implements a fixed reduction strategy similar to linear head 
reduction. Therefore, Boudol's calculus is not an extension of the ordinary λ-calculus. Also, 
the resource λ-calculus is rather affine than linear, since depletable resources cannot be 
duplicated but can be erased. Another difference lies in the respective origins of these calculi: 
the resource λ-calculus originates from syntactical considerations related to the theory of 
concurrent processes, while the differential one arises from denotational models of linear 
logic where the existence of differential operations has been observed. These models are 
based on the well-known relational model of Linear Logic [17], and the interpretation of the 
new differential constructions is as natural and simple as the interpretation of the ordinary 
Linear Logic constructions. 

In this paper we work with a resource-sensitive λ-calculus because our techniques 
depend on the linear logic structure underlying the calculus and on the presence of a Taylor 
expansion formula. Two main syntaxes have been proposed for the differential λ-calculus: 
Ehrhard and Regnier's original one [11], simplified by Vaux in [31], and Tranquilli's resource 
calculus of [30] whose syntax is close to Boudol's one. These calculi share a common 
semantical backbone as well as similar connections with differential Linear Logic and proof 
nets. We adopt roughly Tranquilli's syntax and call our calculus ∂λ-calculus. To avoid 
the problem of handling the coefficients introduced by the Taylor formula we conveniently 
suppose that the formal sum in the calculus is idempotent; this amounts to saying that we 
only check whether a term appears in a result, not how many times it appears. This is very 
reasonable when studying convergency properties since $M + M$ converges exactly when $M$ 
does. 

Full Abstraction. A natural problem when a new calculus is introduced is to 
characterize when two programs are operationally equivalent, namely when one can be replaced 
by the other in every context without noticing any difference with respect to a given 
observational equivalence. In this paper we prove a full abstraction result (a semantical 
characterization of operational equivalence) for the ∂λ-calculus in the spirit of [5]. As in 
that paper, we extend the language with a convergence testing mechanism. Implicitly, this 
extension already appears in [10], in a differential linear logic setting: it corresponds to the 
0-ary tensor and par cells. To implement the corresponding extension of the λ-calculus, we 
introduce two sorts of expressions: the terms (variable, application, abstraction, "throw" 
$\bar\tau(V)$ where $V$ is a test) and the tests (empty test, parallel composition of tests and "catch" 
$\tau(M)$ where $M$ is a term). Parallel composition allows to combine tests in such a way that 
the combination succeeds if and only if each test succeeds. Outcomes of tests (convergence 
or divergence) are the only observations allowed in our calculus, and the corresponding 
contextual equivalence and preorder on terms constitute our main object of study. 

This extended ∂λ-calculus, that we call ∂λ-calculus with tests, has a natural 
denotational interpretation in a model of the pure λ-calculus introduced by Bucciarelli, Ehrhard 
and Manzonetto in [8], which is indeed a denotational model of the differential pure nets 
of [10] as one can check easily. This model is a reflexive object $\mathcal{D}$ in the Kleisli category of 
the linear logic model of sets and relations where $!X$ is the set of all finite multisets over 
$X$. An element of $\mathcal{D}$ can be described as a finite tree which alternates two kinds of layers: 
multiplicative layers where subtrees are indexed by natural numbers and exponential layers 
where subtrees are organized as non-empty multisets. To be more precise, ⅋-? (negative) 
pairs of layers alternate with ⊗-! (positive) pairs, respecting a strict polarity discipline 
very much in the spirit of Ludics [18]. The empty positive multiplicative tree corresponds 
to the empty tensor cell and the negative one to the empty par cell. The corresponding 
constructions $\tau$, $\bar\tau$ are therefore quite easy to interpret. 

We use this logical interpretation to turn the elements of $\mathcal{D}$ into ∂λ-calculus terms with 
tests. More precisely, with each element $\alpha$ of $\mathcal{D}$, we associate a test $\alpha^+(\!|\cdot|\!)$ with a hole $(\!|\cdot|\!)$ for 
a term, and we show that $\alpha$ belongs to the interpretation of a (closed) term $M$ iff the test 
$\alpha^+(\!|M|\!)$ converges. From this fact, we derive a full abstraction result for the fragment of the 
∂λ-calculus with tests in which all ordinary applications are trivial, that we call ∂₀λ-calculus 
with tests. To extend this result to the ∂λ-calculus with tests, we use the Taylor formula 
introduced in [11] which allows to turn any ordinary application into a sum of infinitely 
many linear applications of all possible arities. One exploits then the fact that the Taylor 
formula holds in the model, as well as a simulation lemma which relates the head reduction 
of a term with the head reduction of its Taylor expansion. 

Contributions. In Section 2 we provide the abstract categorical framework which is 
needed to interpret the ∂λ-calculus and its extension with tests. The syntax and 
operational semantics of the ∂₀λ-calculus with tests (which is the promotion-free fragment) are 
presented in Section 3, while its relational model $\mathcal{D}$ is described concretely in Section 4. 
The definability of the elements of $\mathcal{D}$ in the ∂₀λ-calculus with tests is the main conceptual 
contribution of this paper — it shows that, in this setting, the standard syntax versus 
semantics dichotomy is essentially meaningless. From definability it follows easily that the 
relational model is fully abstract for the ∂₀λ-calculus with tests, as shown in Section 5. This 
result is analyzed further in Section 6, where it is proved that in the absence of promotion 
the test operators do not add any discriminatory power to the contexts, thus showing that 
$\mathcal{D}$ is also fully abstract for the ∂₀λ-calculus without tests. 

We then focus on the full ∂λ-calculus with tests. Section 7 is devoted to present its 
syntax, operational semantics and relational semantics. In Section 8 we consider the use of 
Taylor expansions to reduce the full abstraction problem for ∂λ to its "∂₀λ" version, thus 
introducing an original and promising reduction technique. 

2. Categorical semantics of linear logic 

Before introducing the syntax of our resource λ-calculus with tests, we describe the general 
categorical structures needed to interpret this calculus. Our goal here is to give general 
motivations for our syntactic constructs. In the sequel, we consider a particular model, 
based on the category of sets and relations, and it is not hard to check that this particular 
category is an instance of the general setting we present here. In Section 4 we shall present 
this relational interpretation concretely in order to avoid the admittedly heavy categorical 
formalism. 

Our main reference for categorical models of linear logic (LL) is [22]. We denote by $\mathbb{N}$ 
the set of natural numbers. 

Let $\mathcal{C}$ be a Seely category. We recall briefly that such a structure consists of a category $\mathcal{C}$, 
whose morphisms should be thought of as linear maps, equipped with a symmetric monoidal 
structure for which it is closed and *-autonomous with respect to a dualizing object $\bot$. The 
monoidal product, called tensor product, is denoted as $\otimes$, the linear function space object 
from $X$ to $Y$ is denoted as $X \multimap Y$, the composition of morphisms in $\mathcal{C}$ is simply denoted 
as juxtaposition. We use $\mathrm{ev} \in \mathcal{C}((X \multimap Y) \otimes X, Y)$ for the linear evaluation morphism and 
$\mathrm{cur}(f) \in \mathcal{C}(Z, X \multimap Y)$ for the "linear currying" of a morphism $f \in \mathcal{C}(Z \otimes X, Y)$. The dual 
object $X \multimap \bot$ is denoted as $X^\bot$. 

We also assume that $\mathcal{C}$ is cartesian, with a cartesian product denoted as $\&$ and a terminal 
object $\top$. By *-autonomy, this implies that $\mathcal{C}$ is also cocartesian; we use $\oplus$ for the coproduct 
and $0$ for the initial object. In any cartesian and cocartesian category, there is a canonical 
morphism $a \in \mathcal{C}(0, \top)$ and a canonical natural transformation $a_{X,Y} \in \mathcal{C}(X \oplus Y, X \mathbin{\&} Y)$. One 
says that the category is additive if these morphisms are isomorphisms. In that case, each 
homset $\mathcal{C}(X, Y)$ is equipped with a structure of commutative monoid, and all operations 
defined so far (composition, tensor product, linear currying) are linear with respect to this 
structure. 
If $\mathcal{C}$ has cartesian products of all countable families $(X_i)_{i \in I}$ of objects, we say that it 
is countably cartesian, and in that case, $\mathcal{C}$ is also countably cocartesian. If the canonical 
morphism $a_{\vec X} \in \mathcal{C}(\bigoplus_{i \in I} X_i, \&_{i \in I} X_i)$ is an isomorphism, we say that $\mathcal{C}$ is countably 
additive. In that case, homsets have countable sums and composition as well as all monoidal 
operations commute with these sums. 

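Last, we assume that $\mathcal{C}$ is equipped with an endofunctor $!\_$ which has a structure of 
comonad (unit $d_X \in \mathcal{C}(!X, X)$ called dereliction, multiplication $p_X \in \mathcal{C}(!X, !!X)$ called 
digging). Moreover, this functor must be equipped with a monoidal structure which turns 
it into a symmetric monoidal functor from the symmetric monoidal category $(\mathcal{C}, \&)$ to the 
symmetric monoidal category $(\mathcal{C}, \otimes)$: the corresponding isomorphisms $m : !\top \to 1$ and 
$m_{X,Y} : !(X \mathbin{\&} Y) \to !X \otimes !Y$ are often called Seely isomorphisms. The following diagram is 
moreover required to be commutative. 

$$
\begin{array}{ccc}
!X \otimes !Y & \xrightarrow{\ m_{X,Y}\ } & !(X \mathbin{\&} Y) \\
\Big\downarrow{\scriptstyle p_X \otimes p_Y} & & \Big\downarrow \\
 & & !!(X \mathbin{\&} Y) \\
 & & \Big\downarrow{\scriptstyle !\langle !\pi_1, !\pi_2 \rangle} \\
!!X \otimes !!Y & \xrightarrow{\ m_{!X,!Y}\ } & !(!X \mathbin{\&} !Y)
\end{array}
$$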

Using this monoidal structure, we can equip the $!$ functor with a lax symmetric monoidal 
structure from the symmetric monoidal category (SMC) $(\mathcal{C}, 1, \otimes)$ to itself. In other words, 
one can define a morphism $\mu : 1 \to !1$ and a natural transformation $\mu_{X,Y} : !X \otimes !Y \to 
!(X \otimes Y)$ which satisfy compatibility conditions with respect to the structure isomorphisms 
of the SMC $(\mathcal{C}, 1, \otimes)$. Given an object $X$ of $\mathcal{C}$ and $k \in \mathbb{N}$, this allows to define a morphism 
$\mu^{(k)}_X : (!X)^{\otimes k} \to !(X^{\otimes k})$ which is essential in the interpretation of λ-terms. 



2.1. Structural natural transformations. Using these structures, we can define a 
weakening natural transformation $w_X \in \mathcal{C}(!X, 1)$ and a contraction natural transformation 
$c_X \in \mathcal{C}(!X, !X \otimes !X)$ as follows. Since $\top$ is terminal, there is a canonical morphism 
$t_X \in \mathcal{C}(X, \top)$ and we set $w_X = m\, !t_X$. Similarly, we have a diagonal natural transformation 
$\Delta_X \in \mathcal{C}(X, X \mathbin{\&} X)$ and we set $c_X = m_{X,X}\, !\Delta_X$. 

This contraction morphism $c_X : !X \to !X \otimes !X$ is associative, and therefore can be 
generalized to a unique morphism $c^{(n)}_X : !X \to (!X)^{\otimes n}$. We have $c^{(0)}_X = w_X$, $c^{(1)}_X = \mathrm{Id}_{!X}$ and 
$c^{(2)}_X = c_X$. 

More generally we can define a morphism $c^{(k,n)}_X : (!X)^{\otimes k} \to ((!X)^{\otimes k})^{\otimes n}$ for the 
generalized contraction morphism which is defined as the following composition 

$$
(!X)^{\otimes k} \xrightarrow{\ (c^{(n)}_X)^{\otimes k}\ } ((!X)^{\otimes n})^{\otimes k} \xrightarrow{\ \sigma\ } ((!X)^{\otimes k})^{\otimes n}
$$

where $\sigma$ is the obvious isomorphism, defined using associativity and symmetry of $\otimes$. 
Similarly, we define a generalized weakening morphism as the composition 



where $\lambda$ is the unique canonical isomorphism induced by the monoidal structure. 
As usual the (co)Kleisli category $\mathcal{C}_!$ of the comonad $!\_$ is defined as the category that has 
the same objects as $\mathcal{C}$ and $\mathcal{C}_!(X, Y) = \mathcal{C}(!X, Y)$, with composition denoted as $\circ$ and defined 
using the comonad. One can prove $\mathcal{C}_!$ is cartesian closed, with $\&$ as cartesian product and 
$!X \multimap Y$ as function space object: this is a categorical version of Girard's translation of 
intuitionistic logic into linear logic. 

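Given $f \in \mathcal{C}((!X)^{\otimes k}, Y)$, it is standard to define $f^! \in \mathcal{C}((!X)^{\otimes k}, !Y)$; this operation is 
usually called promotion in linear logic. This morphism is defined as the following 
composition: 

$$
(!X)^{\otimes k} \longrightarrow (!!X)^{\otimes k} \longrightarrow !((!X)^{\otimes k}) \longrightarrow !Y
$$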



2.2. Differential LL models. The notion of categorical model recalled above allows to 
interpret standard classical linear logic. If one wishes to interpret differential constructs as 
well (in the spirit of the differential λ-calculus or of differential linear logic), more structure 
and hypotheses are required. Basically, we need that: 

• the cartesian and cocartesian category $\mathcal{C}$ is additive, and 

• the model is equipped with a codereliction natural transformation $\bar d_X \in \mathcal{C}(X, !X)$ such 
that $d_X\, \bar d_X = \mathrm{Id}_X$. 

More conditions are required if one wants to interpret the full differential λ-calculus of [11] or 
full differential linear logic as presented in e.g. [26]: these conditions represent a categorical 
axiomatization of the usual chain rule of calculus and are well explained in [15]. When these 
conditions, that we give explicitly now, hold, we say that the chain rule holds in $\mathcal{C}$. 
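The first condition is the following commutation. 

$$
\begin{array}{ccc}
X \otimes !Y & \xrightarrow{\ \bar d_X \otimes !Y\ } & !X \otimes !Y \\
\Big\downarrow & & \Big\downarrow{\scriptstyle \mu_{X,Y}} \\
X \otimes Y & \longrightarrow & !(X \otimes Y)
\end{array}
$$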

It would be interesting to know if this condition can be reduced to a more primitive one, 
involving $\bar d_X$ and the isomorphism $m$ (of course, one can replace $\mu$ by its expression in terms 
of $m$ in the diagram above, so that this diagram is actually a condition on $m$, but we would 
like to find a simpler and more elegant commuting diagram involving $m$). 

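Last we have to provide a commutation relating $\bar d_X$ and $p_X$. We have of course $\bar d_{!X}\, \bar d_X : 
X \to !!X$. Also, $\mu : 1 \to !1$ and therefore $!\bar w_X\, \mu : 1 \to !!X$. Keeping implicit the 
isomorphism $X \otimes 1 \simeq X$, we get $(\bar d_{!X}\, \bar d_X) \otimes (!\bar w_X\, \mu) : X \to !!X \otimes !!X$, and we require the 
following diagram to commute: 

$$
\begin{array}{ccc}
X & \xrightarrow{\ (\bar d_{!X}\, \bar d_X) \otimes (!\bar w_X\, \mu)\ } & !!X \otimes !!X \\
\Big\downarrow & & \Big\downarrow \\
!X & \xrightarrow{\ p_X\ } & !!X
\end{array}
$$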



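If $\mathcal{C}$ is a weak differential LL model, we can define a coweakening morphism $\bar w_X \in 
\mathcal{C}(1, !X)$ and a cocontraction morphism $\bar c_X \in \mathcal{C}(!X \otimes !X, !X)$ as we did for $w_X$ and $c_X$. 
Similarly we also define $\bar c^{(n)}_X \in \mathcal{C}((!X)^{\otimes n}, !X)$. Due to the naturality of $\bar d_X$ we have $w_X\, \bar d_X = 0$ 
and $c_X\, \bar d_X = \bar d_X \otimes \bar w_X + \bar w_X \otimes \bar d_X$. We also define $d^{(n)}_X = d_X^{\otimes n}\, c^{(n)}_X \in \mathcal{C}(!X, X^{\otimes n})$ and 
$\bar d^{(n)}_X = \bar c^{(n)}_X\, \bar d_X^{\otimes n} \in \mathcal{C}(X^{\otimes n}, !X)$. 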

2.3. The Taylor formula. Let $\mathcal{C}$ be a weak differential LL model which is countably 
additive. Remember that each homset $\mathcal{C}(X, Y)$ is endowed with a canonical structure of 
commutative monoid in which countable families are summable. We assume moreover that 
these monoids are idempotent. This means that, if $f \in \mathcal{C}(X, Y)$, then $f + f = f$. 

We say that the Taylor formula holds in $\mathcal{C}$ if, for any morphism $f \in \mathcal{C}(X, Y)$, we have 

oo 
n=0 

Remark 2.1. If the idempotency condition does not hold, one has to require the homsets 
to have a rig structure over the non-negative real numbers, and the Taylor condition must 
be written in the more familiar way $!f = \sum_{n=0}^{\infty} \frac{1}{n!}\, \bar d^{(n)}_Y\, f^{\otimes n}\, d^{(n)}_X$. To give a precise meaning 
to this kind of expressions, we need of course more structure on homsets: they need to have 
some completeness properties, typically expressible in topological terms. 

Remark 2.2. If the chain rule holds in $\mathcal{C}$, the Taylor condition reduces to the particular 
case of identity morphisms: one has just to require that $!\mathrm{Id}_X = \sum_{n=0}^{\infty} \bar d^{(n)}_X\, d^{(n)}_X$ (in the 
idempotent setting). 

2.4. Models of the pure differential λ-calculus. A model of the pure differential 
λ-calculus of [11] or of the ∂λ-calculus to be introduced below, is simply a reflexive object 
in $\mathcal{C}_!$, where $\mathcal{C}$ is a model of differential linear logic in which the chain rule holds. More 
precisely, it consists of such a category $\mathcal{C}$ and of a triple $(U, \mathrm{app}, \mathrm{lam})$ where $U$ is an object 
of $\mathcal{C}$ and $\mathrm{app} \in \mathcal{C}(U, !U \multimap U)$ and $\mathrm{lam} \in \mathcal{C}(!U \multimap U, U)$ satisfy $\mathrm{app} \circ \mathrm{lam} = \mathrm{Id}_{!U \multimap U}$ in $\mathcal{C}$. It 
is crucial to take $\mathrm{app}$ and $\mathrm{lam}$ in the "linear" category $\mathcal{C}$ and not in $\mathcal{C}_!$. 

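In the present paper, we concentrate on the case where $U$ satisfies a stronger condition. 
We assume that $\mathcal{C}$ is countably cartesian, and, given an object $X$, we denote as $X^{\mathbb{N}}$ the 
cartesian product $\&_{i \in \mathbb{N}} X_i$ where $X_i = X$ for each $i \in \mathbb{N}$. We consider an object $U$ of $\mathcal{C}$ 
together with an isomorphism $\varphi \in \mathcal{C}(U, (!U^{\mathbb{N}})^\bot)$. We have clearly $(!U^{\mathbb{N}})^\bot \simeq (!(U \mathbin{\&} U^{\mathbb{N}}))^\bot$, 
hence $(!U^{\mathbb{N}})^\bot \simeq (!U \otimes !U^{\mathbb{N}})^\bot$ by the Seely isomorphism and therefore $(!U^{\mathbb{N}})^\bot \simeq\ !U \multimap 
(!U^{\mathbb{N}})^\bot$ by *-autonomy of $\mathcal{C}$. Using $\varphi$, we get finally that $U \simeq\ !U \multimap U$ and we define $\mathrm{app}$ 
and $\mathrm{lam}$ using this isomorphism. 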

We also assume that $\mathcal{C}$ is a model of the MIX rule of linear logic (see [TS]). This means 
that $\bot$ is equipped with a structure of commutative monoid in the SMC $\mathcal{C}$. We use $\mathrm{mix}^{(n)}$ 
to denote the corresponding morphism $\bot^{\otimes n} \to \bot$ so that in particular $\mathrm{mix}^{(0)} : 1 \to \bot$ and 
$\mathrm{mix}^{(1)} = \mathrm{Id}_\bot$. 

The interpretation of the calculi presented in this paper is based on the following 
toolbox. The first constructions we give deal with "terms", which are represented here by 
morphisms $(!U)^{\otimes k} \to U$ (the number $k \in \mathbb{N}$ corresponds intuitively to the number of 
variables on which the term depends). 

• Given a family of terms $f_1, \dots, f_n : (!U)^{\otimes k} \to U$, we can define a morphism $[f_1, \dots, f_n] : 
(!U)^{\otimes k} \to !U$ as $[f_1, \dots, f_n] = \bar d^{(n)}_U \circ (f_1 \otimes \cdots \otimes f_n) \circ c^{(k,n)}_U$ (a morphism of this type will 
be called a "bag"). 

• Let $f : (!U)^{\otimes k} \to U$ be a further term. Remember that we have defined the promotion of 
$f$, which is a bag $f^! : (!U)^{\otimes k} \to !U$. Therefore we can define $([f_1, \dots, f_n] \otimes f^!) \circ c^{(k,2)}_U : 
(!U)^{\otimes k} \to !U \otimes !U$ and we introduce a new bag 

$[f_1, \dots, f_n, f^!] = \bar c_U \circ ([f_1, \dots, f_n] \otimes f^!) \circ c^{(k,2)}_U : (!U)^{\otimes k} \to !U$. 

• Let $f : (!U)^{\otimes k} \to U$ and $g : (!U)^{\otimes k} \to !U$. Then $\mathrm{app} \circ f : (!U)^{\otimes k} \to (!U \multimap U)$ and hence 
$((\mathrm{app} \circ f) \otimes g) \circ c^{(k,2)}_U : (!U)^{\otimes k} \to (!U \multimap U) \otimes !U$. Finally we define the application of $f$ 
to $g$ as the term $f\, g = \mathrm{ev} \circ ((\mathrm{app} \circ f) \otimes g) \circ c^{(k,2)}_U : (!U)^{\otimes k} \to U$. 

• Let $f : (!U)^{\otimes k} \otimes !U \to U$, we define the abstraction of $f$ (with respect to its last 
parameter) as the term $\lambda(f) = \mathrm{lam} \circ \mathrm{cur}(f) : (!U)^{\otimes k} \to U$. 

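A "test" (with $k$ variables) is a morphism $(!U)^{\otimes k} \to \bot$. Here we present the categorical 
constructions required for dealing with such tests. 

• Let $h_1, \dots, h_n : (!U)^{\otimes k} \to \bot$ be tests. Then we can define their parallel composition, 
using the mix structure of $\bot$, as the test 

$(h_1 | \cdots | h_n) = \mathrm{mix}^{(n)} \circ (h_1 \otimes \cdots \otimes h_n) \circ c^{(k,n)}_U : (!U)^{\otimes k} \to \bot$. 

• Let $f : (!U)^{\otimes k} \to U$ be a term. We have $\varphi \circ f : (!U)^{\otimes k} \to (!U^{\mathbb{N}})^\bot$ and hence we can 
define a test $\tau(f) = \bar w_{U^{\mathbb{N}}}^{\,\bot} \circ \varphi \circ f : (!U)^{\otimes k} \to \bot$ since $\bar w_{U^{\mathbb{N}}} : 1 \to !U^{\mathbb{N}}$ and $1^\bot = \bot$. 

• Last, let $h : (!U)^{\otimes k} \to \bot$ be a test. We have $w_{U^{\mathbb{N}}}^{\,\bot} \circ h : (!U)^{\otimes k} \to (!U^{\mathbb{N}})^\bot$ since 
$w_{U^{\mathbb{N}}} : !U^{\mathbb{N}} \to 1$, and hence $\bar\tau(h) = \varphi^{-1} \circ w_{U^{\mathbb{N}}}^{\,\bot} \circ h : (!U)^{\otimes k} \to U$ is a term. 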

3. The ∂₀λ-Calculus with Tests 

The definition of the ∂₀λ-calculus with tests requires some preliminary notations that we 
give below. 

3.1. Sets and modules. We denote by $\mathbb{N}$ the set of natural numbers and by $1$ an arbitrary 
singleton set. Given a set $S$, we write $\mathcal{P}(S)$ (resp. $\mathcal{P}_f(S)$) for the set of all (resp. all finite) 
subsets of $S$. Given $k \in \mathbb{N}$, we denote by the set of all permutations of $\{1, \dots, k\}$. 

Let $\mathbf{2}$ be the semiring $\{0, 1\}$ with $1 + 1 = 1$ and multiplication defined in the obvious way. 
For any set $S$, we write $\mathbf{2}\langle S \rangle$ for the free $\mathbf{2}$-module generated by $S$, so that $\mathbf{2}\langle S \rangle = \mathcal{P}_f(S)$ 
with addition corresponding to union, and scalar multiplication defined in the obvious way. 
However we prefer to keep the algebraic notations for elements of $\mathbf{2}\langle S \rangle$, hence set unions 
will be denoted by $+$ and the empty set by $0$. 

3.2. Multisets. Let $S$ be a set. A multiset $a$ over $S$ can be defined as an unordered list 
$a = [\alpha_1, \alpha_2, \dots]$ with repetitions such that $\alpha_i \in S$ for all indices $i$. A multiset $a$ is called finite 
if it is a finite list; we denote by $\#a$ its cardinality. We write $\mathcal{M}_f(S)$ for the set of all finite 
multisets over $S$. Given two multisets $a = [\alpha_1, \alpha_2, \dots]$ and $b = [\beta_1, \beta_2, \dots]$ the multiset union 
of $a, b$ is defined by $a \uplus b = [\alpha_1, \alpha_2, \dots, \beta_1, \beta_2, \dots]$; summing up, $\mathbb{N}\langle S \rangle = \mathcal{M}_f(S)$. Given two 
finite sequences of multisets $\vec a, \vec b$ of the same length $n$ we define $\vec a \uplus \vec b = (a_1 \uplus b_1, \dots, a_n \uplus b_n)$. 
Given a strict order $>$ on $S$, the multiset ordering Def. A. 6. 2] is the smallest transitive 
relation $>_m$ on $\mathcal{M}_f(S)$ such that $(\forall \beta \in b.\ \alpha > \beta) \Rightarrow (a \uplus [\alpha] >_m a \uplus b)$, for all $\alpha \in S$ and all 
$a, b \in \mathcal{M}_f(S)$. Intuitively, $a >_m b$ holds if $b$ can be obtained from $a$ by replacing some of its 
elements by finitely many (possibly zero) smaller elements. 
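The ∂₀λ-calculus with tests 

$$
\begin{array}{lrcll}
\Lambda^{\bar\tau}: & M, N, L, H & ::= & x \mid \lambda x.M \mid MP \mid \bar\tau(V) & \text{terms} \\
\Lambda^{b}: & P, Q & ::= & [L_1, \dots, L_k] & \text{bags} \\
\Lambda^{\tau}: & V, W & ::= & \tau[L_1, \dots, L_k] & \text{tests} \\
\Lambda^{e}: & A, B & ::= & M \mid V \mid P & \text{expressions}
\end{array}
$$

$$
\begin{array}{ll}
M, N, L, H \in \mathbf{2}\langle \Lambda^{\bar\tau} \rangle & \text{sums of terms} \\
P, Q \in \mathbf{2}\langle \Lambda^{b} \rangle & \text{sums of bags} \\
V, W \in \mathbf{2}\langle \Lambda^{\tau} \rangle & \text{sums of tests} \\
A, B \in \mathbf{2}\langle \Lambda^{e} \rangle := \mathbf{2}\langle \Lambda^{\tau} \rangle \cup \mathbf{2}\langle \Lambda^{\bar\tau} \rangle \cup \mathbf{2}\langle \Lambda^{b} \rangle & \text{sums of expr.}
\end{array}
$$
(a) Grammar of terms, bags, tests, expressions, sums. 

$\|_{i=1}^{n} V_i := V_1 | \cdots | V_n$, (in particular $\|_{i=1}^{0} V_i := \varepsilon$) 
(b) Notation on parallel composition of tests. 

Figure 1: Syntax and notations of ∂₀λ-calculus with tests. 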

We now introduce the ∂₀λ-calculus with tests which is the promotion-free fragment of 
the ∂λ-calculus with tests we will present in Section 7. 

3.3. Syntax. The ∂₀λ-calculus with tests has four syntactic categories: terms that are in 
functional position, bags that are in argument position and represent multisets of linear 
resources, tests that are "corked" multisets of terms having only two possible outcomes and 
finite formal sums representing all possible results of a computation. Expressions are either 
terms, bags or tests and will be used to state results holding for all categories. 

Definition 3.1. The formal grammars defining terms, bags, tests and sums are given in 
Figure 1(a). 

Terms are the real protagonists of the ∂₀λ-calculus with tests. The term $\lambda x.M$ 
represents the λ-abstraction of the variable $x$ in the term $M$ and $MP$ the application of a term 
$M$ to a bag $P$ of linear resources. Thus, in $(\lambda x.M)P$, each resource in $P$ is available exactly 
once for $\lambda x.M$ and if the number of occurrences of $x$ in $M$ "disagrees" with the cardinality 
of $P$ then the result is $0$ (see later, when sums of expressions are introduced). The operator 
$\bar\tau(\cdot)$ will be discussed later on, after the notion of test is explained. 

As usual we assume that application associates to the left and lambda abstraction to the 
right. Therefore we will write $\lambda x_1 \dots x_n.MP_1 \cdots P_k$ for $\lambda x_1.(\cdots(\lambda x_n.(\cdots(MP_1) \cdots P_k)) \cdots)$. 
Moreover, the notation $MP^{\sim n}$ will stand for $MP \cdots P$ ($n$ times). 

Notation 3.2. Concerning specific terms, we set 

$I := \lambda x.x$, $T := \lambda xy.x$, $F := \lambda xy.y$, $D := \lambda x.x[x]$, 
$S_{n_1, \dots, n_m} := \lambda x_1 \dots x_m.I[x_1]^{\sim n_1} \cdots [x_m]^{\sim n_m}$, for all $n_1, \dots, n_m \in \mathbb{N}$, 
where the symbol ':=' denotes definitional equality. 
Tests are multisets of terms, the "$\tau$" being a tag for distinguishing them from bags. 
Intuitively, they are expressions that can produce two results: either success, represented 
by $\varepsilon$, or failure, represented by $0$. 

Throughout the paper, we will enforce the distinction between bags and tests by using 
systematically the following notational conventions. 

Notation 3.3. For bags, we use the usual multiset notation: 

• $[]$ is the empty bag, 

• $P \uplus P'$ is the union of bags. 
For tests we write: 

• $\varepsilon$ for the empty multiset, 

• $V|W$ for the multiset union of $V$ and $W$. 

In other words, $\varepsilon = \tau[]$ and $\tau[L_1, \dots, L_k] \mid \tau[L_{k+1}, \dots, L_n] = \tau[L_1, \dots, L_n]$. Other notations 
on parallel composition of tests are introduced in Figure 1(b). 

The test $V|W$ represents the (must-)parallel composition of $V$ and $W$ (i.e., $V|W$ 
succeeds if both $V$ and $W$ succeed and the order of evaluation is inessential). We prefer to 
use the parallel notation as syntactic sugar in order to avoid both the explicit treatment of 
associativity and commutativity axioms (plus neutrality of $\varepsilon$). This is perfectly coherent 
with the implementation of tests as multisets of terms. 

The operator $\bar\tau(\cdot)$ allows to build a term out of a test: intuitively, the term $\bar\tau(V)$ may 
be thought of as $V$ preceded by an infinite sequence of dummy λ-abstractions. Dually, 
the "cork construction" $\tau[L_1, \dots, L_k]$ may be thought of as an operator applying to all its 
arguments an infinite sequence of empty bags. This suggests in particular that it is sound 
to reduce $\tau[\bar\tau(V)]$ to $V$. 

Hence the term $\bar\tau(V)$ raises an exception encapsulating $V$ and the test $\tau[L_1, \dots, L_k]$ 
catches the exception possibly raised by, say, $L_i$, and replaces $L_i$ by the multiset of terms 
encapsulated in that exception. The context of the exception is thrown away by the dummy 
abstractions of $\bar\tau$ and the dummy applications of $\tau$. A test needs to catch an exception in 
order to succeed; for instance, $\tau[M]$ fails as soon as $M$ is a $\bar\tau$-free, closed term. 
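Sums. Remember from Subsection 3.1 that $\mathbf{2}\langle \Lambda^{\bar\tau} \rangle$ (resp. $\mathbf{2}\langle \Lambda^{\tau} \rangle$, $\mathbf{2}\langle \Lambda^{b} \rangle$) denotes the set 
of finite formal sums of terms (resp. tests, bags) with an idempotent sum. We also set 
$\mathbf{2}\langle \Lambda^{e} \rangle := \mathbf{2}\langle \Lambda^{\tau} \rangle \cup \mathbf{2}\langle \Lambda^{\bar\tau} \rangle \cup \mathbf{2}\langle \Lambda^{b} \rangle$. This is an abuse of notation as $\mathbf{2}\langle \Lambda^{e} \rangle$ here does not denote 
the $\mathbf{2}$-module generated over $\Lambda^{\bar\tau} \cup \Lambda^{\tau} \cup \Lambda^{b}$, but rather the union of the three $\mathbf{2}$-modules; 
this means that sums should be taken only in the same sort. The typical metavariables to 
denote sums are given in Figure 1(a). 

The α-equivalence relation and the set $\mathrm{FV}(A)$ of free variables of $A$ are defined as usual, 
like in the ordinary λ-calculus pp. Hereafter, (sums of) expressions are considered up to 
α-equivalence. 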

Because of the absence of promotion the number of linear resources that a term $\lambda x.M$ 
is expecting is just the number of occurrences of $x$ in $M$ (the degree of $x$ in $M$). 

Definition 3.4. Let $A \in \Lambda^{e}$. The degree of $x$ in $A$, written $\deg_x(A)$, is the number of free 
occurrences of $x$ in $A$ and is defined by induction as follows: 

• $\deg_x(x) = 1$, 

• $\deg_x(y) = 0$, for $x \neq y$, 

• $\deg_x(\lambda y.M) = \deg_x(M)$, where we assume wlog $x \neq y$, 

• $\deg_x(MP) = \deg_x(M) + \deg_x(P)$, 
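Extended Syntax 

$$
\begin{array}{ll}
\lambda x.(\sum_i M_i) = \sum_i \lambda x.M_i & M(\sum_i P_i) = \sum_i M P_i \\
\bar\tau(\sum_i V_i) = \sum_i \bar\tau(V_i) & (\sum_i P_i) \uplus P = \sum_i P_i \uplus P \\
(\sum_i M_i)P = \sum_i M_i P & [\sum_i N_i] = \sum_i [N_i] \\
(\sum_i V_i) | V = \sum_i V_i | V &
\end{array}
$$
(a) Notation on $\mathbf{2}\langle \Lambda^{e} \rangle$. 

Linear Substitution 

$$
\begin{array}{rcl}
y\langle N/x \rangle & = & \begin{cases} N & \text{if } y = x, \\ 0 & \text{otherwise,} \end{cases} \\
[L_1, \dots, L_k]\langle N/x \rangle & = & \sum_{i=1}^{k} [L_1, \dots, L_i\langle N/x \rangle, \dots, L_k], \\
\tau[L_1, \dots, L_k]\langle N/x \rangle & = & \sum_{i=1}^{k} \tau[L_1, \dots, L_i\langle N/x \rangle, \dots, L_k], \\
(MP)\langle N/x \rangle & = & M\langle N/x \rangle P + M(P\langle N/x \rangle), \\
\bar\tau(V)\langle N/x \rangle & = & \bar\tau(V\langle N/x \rangle), \\
(\lambda y.M)\langle N/x \rangle & = & \lambda y.M\langle N/x \rangle.
\end{array}
$$
(b) Definition of linear substitution. In the abstraction case we assume wlog $x \neq y$. 

Figure 2: Notations on sums and definition of linear substitution. 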



• $\deg_x(\bar\tau(V)) = \deg_x(V)$,

• $\deg_x([L_1, \dots, L_k]) = \sum_{i=1}^{k} \deg_x(L_i)$,

• $\deg_x(\tau[L_1, \dots, L_k]) = \sum_{i=1}^{k} \deg_x(L_i)$.



3.4. Two Kinds of Substitutions. In this subsection we introduce two kinds of substitutions:
the usual $\lambda$-calculus substitution and a linear one, which is proper to differential
and resource calculi (see [H HD GO] ) . 

In order to proceed, we first need to introduce some notational conventions concerning
the sums. Indeed the grammar for terms and tests does not include any sums, so they may
arise only on the "surface". For instance, $I + I$ is a legal sum of expressions, while $\lambda x.(x + x)$
cannot be generated using the grammar of Figure 1(a).



Convention 3.5. As a syntactic sugar - and not as actual syntax - we extend all the
constructors to sums by multilinearity, setting for instance

in such a way that the equations in Figure 2(a) hold.

This kind of meta-syntactic notation is discussed thoroughly in 

Remark 3.6. In the particular case of empty sums, we get $\lambda x.0 := 0$, $M0 := 0$, $0P := 0$,
$\tau[0] := 0$, $\bar\tau(0) := 0$, $V|0 := 0$, $[0] := 0$ and $0 \uplus P := 0$. Therefore $0$ annihilates any term,
bag or test (but not the sums).

We now give some examples of this extended (meta-)syntax. 
Example 3.7. We have:

1. $\lambda xy.(x + y) := \lambda xy.x + \lambda xy.y := T + F$,

2. $\lambda x.(x + x) := \lambda x.x + \lambda x.x := I + I = I$ by sum idempotency,

3. $(x_1 + x_2)[y] := x_1[y] + x_2[y]$,

4. $x[y_1 + y_2] := x([y_1] + [y_2]) := x[y_1] + x[y_2]$, therefore:

5. $(x_1 + x_2)[y_1 + y_2] := x_1[y_1] + x_1[y_2] + x_2[y_1] + x_2[y_2]$.

In the following two definitions we make an essential use of the extended syntax. We
recall that an operator $P(-)$ is extended by linearity by setting $P(\sum_j x_j) = \sum_j P(x_j)$.

Definition 3.8 (Substitution). Let $A \in \Lambda^{e}$ and $N \in \Lambda^{\bar\tau}$. The (capture-free) substitution of
$N$ for $x$ in $A$, denoted by $A\{N/x\}$, is defined as usual. Accordingly, $A\{N/x\}$ denotes an
expression of the extended syntax. Finally, we extend this operation to sums as in $A\{N/x\}$
by linearity in $A$.

Definition 3.9 (Linear Substitution). The linear (capture-free) substitution of $N$ for $x$ in
$A$, denoted by $A\langle N/x\rangle$, is defined in Figure 2(b). The expression $A\langle N/x\rangle$ belongs to the
extended syntax. We extend this operation to sums as in $A\langle N/x\rangle$ by linearity in $A$, as we
did for usual substitution.

Roughly speaking, the linear substitution $A\langle N/x\rangle$ replaces exactly one free occurrence
of $x$ in $A$ with the term $N$. If there is no occurrence of $x$ in $A$ then the result is $0$. In
presence of multiple occurrences, all possible choices are made and the result is the sum of
terms corresponding to them.

Remark 3.10. Observe that $A\langle N/x\rangle$ is linear in $A$ and in $N$, whereas $A\{N/x\}$ is linear in
$A$ but not in $N$.

We now give some examples of linear and classic substitution. 

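Example 3.11. Let $A \in \Lambda^{e}$ and $M, N \in \Lambda^{\bar\tau}$.

1. If $A$ is closed, then $A\langle M/x\rangle = 0$,

2. $(\lambda y.y[y][x])\langle I/x\rangle = \lambda y.y[y][I]$,

3. $(\lambda y.y[x][x])\langle I/x\rangle = \lambda y.y[I][x] + \lambda y.y[x][I]$,

4. $(\lambda y.y[x][x])\{I/x\} = \lambda y.y[I][I]$,

5. $(x[x])\{(y + z)/x\} = y[y] + y[z] + z[y] + z[z]$.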

Linear substitutions commute in the sense expressed by the next theorem, whose proof 
is rather classic and thus omitted. 

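Theorem 3.12 (Schwarz's Theorem, cf. [II]). For $A \in 2\langle\Lambda^{e}\rangle$, $M, N \in 2\langle\Lambda^{\bar\tau}\rangle$ and
$y \notin \mathrm{FV}(M) \cup \mathrm{FV}(N)$ we have:

$A\langle M/y\rangle\langle N/x\rangle = A\langle N/x\rangle\langle M/y\rangle + A\langle M\langle N/x\rangle/y\rangle$.

In particular, if $x \notin \mathrm{FV}(M)$ the two substitutions commute. □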

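Notation 3.13.

• Given a bag $P = [L_1, \dots, L_k]$ and $x \notin \mathrm{FV}(P)$ we set $A\langle P/x\rangle := A\langle L_1/x\rangle \cdots \langle L_k/x\rangle$.

• Given bags $P_1, \dots, P_n$ and $\vec{x} \notin \mathrm{FV}(\vec{P})$ we set $A\langle\vec{P}/\vec{x}\rangle := A\langle P_1/x_1\rangle \cdots \langle P_n/x_n\rangle$.
In particular, $A\langle []/x\rangle = A$.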
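
Reduction Semantics

$(\lambda x.M)P \to_\beta M\langle P/x\rangle\{0/x\}$,
$\bar\tau(V)P \to_{\bar\tau} \bar\tau(V)$ if $P = []$, and $0$ otherwise,
$\tau[\lambda x.M] | V \to_\tau \tau[M\{0/x\}] | V$,
$\tau[\bar\tau(V)] | W \to_\gamma V | W$.

(a) Reduction rules. In the ($\beta$) rule we assume wlog $x \notin \mathrm{FV}(P)$.

Context Closure

$\dfrac{M \mathrel{R} \mathbb{M}}{\lambda x.M \mathrel{R} \lambda x.\mathbb{M}}$ (lam)
$\dfrac{M \mathrel{R} \mathbb{M}}{MP \mathrel{R} \mathbb{M}P}$
$\dfrac{P \mathrel{R} \mathbb{P}}{MP \mathrel{R} M\mathbb{P}}$
$\dfrac{M \mathrel{R} \mathbb{M}}{[M] \uplus P \mathrel{R} [\mathbb{M}] \uplus P}$
$\dfrac{V \mathrel{R} \mathbb{W}}{\bar\tau(V) \mathrel{R} \bar\tau(\mathbb{W})}$ (taubar)
$\dfrac{M \mathrel{R} \mathbb{M}}{\tau[M] | V \mathrel{R} \tau[\mathbb{M}] | V}$ (tau)
$\dfrac{A \mathrel{R} \mathbb{A}}{A + \mathbb{B} \mathrel{R} \mathbb{A} + \mathbb{B}}$ (sum)

(b) Context closure of a relation $R \subseteq \Lambda^{e} \times 2\langle\Lambda^{e}\rangle$.

Figure 3: Operational Semantics.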



The above notation $A\langle P/x\rangle$ makes sense because, by Theorem 3.12, the expression
$A\langle L_1/x\rangle \cdots \langle L_k/x\rangle$ is actually independent from the enumeration of $L_1, \dots, L_k$ in $P$.
Moreover recall that we use $\alpha$-equivalence, so that bound variables can be renamed in order to
avoid capture of free variables during substitution.

3.5. The Operational Semantics. In this section we are going to introduce the reduction
rules defining the operational semantics of the $\partial_0\lambda$-calculus with tests.

Definition 3.14. The reduction semantics of the $\partial_0\lambda$-calculus with tests is generated by
the rules in Figure 3(a).

The reduction preserves the sort of an expression in the sense that terms rewrite to
(sums of) terms and tests to (sums of) tests.

The left side of a reduction rule in Figure 3(a) is called a redex while the right side is
its contractum. Redexes are classified, depending on their kind, as follows.

Definition 3.15.

• A term-redex is any term of the form $(\lambda x.M)P$ or $\bar\tau(V)P$.

• A test-redex is any test of the form $\tau[\lambda x.M] | V$ or $\tau[\bar\tau(V)] | W$.

The following remark gives a more explicit characterization of a $\beta$-contractum.
Remember that the degree of $x$ in $M$ has been defined in Definition 3.4.



Remark 3.16. If $M$ has $k$ free occurrences of $x$ (represented by $x_1, \dots, x_k$) then we have

$M\langle L_1/x\rangle \cdots \langle L_k/x\rangle\{0/x\} = \sum_{\sigma \in \mathfrak{S}_k} M\{L_{\sigma(1)}/x_1, \dots, L_{\sigma(k)}/x_k\}$;
if $\deg_x(M) \neq k$, then $M\langle L_1/x\rangle \cdots \langle L_k/x\rangle\{0/x\} = 0$.

From Remark 3.16 it is clear that, because of the presence of linear substitution, the
$\beta$-reduction is a relation from terms to sums of terms, namely $\to_\beta \subseteq \Lambda^{\bar\tau} \times 2\langle\Lambda^{\bar\tau}\rangle$.

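Definition 3.17.

1. The contextual closure of a relation $R \subseteq \Lambda^{e} \times 2\langle\Lambda^{e}\rangle$ is the smallest relation in $2\langle\Lambda^{e}\rangle \times 2\langle\Lambda^{e}\rangle$
containing $R$ and respecting the rules of Figure 3(b).

2. The reduction $\to \subseteq 2\langle\Lambda^{e}\rangle \times 2\langle\Lambda^{e}\rangle$ is the contextual closure of $\to_\beta \cup \to_{\bar\tau} \cup \to_\tau \cup \to_\gamma$.

3. The multistep reduction $\twoheadrightarrow \subseteq 2\langle\Lambda^{e}\rangle \times 2\langle\Lambda^{e}\rangle$ is the transitive and reflexive closure of $\to$.

We now provide some examples of reduction. Note that parallel composition is treated
asynchronously, indeed $V \to \mathbb{V}$ entails $V|W \to \mathbb{V}|W$.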

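Example 3.18.

1. $D[I, F] \to_\beta I[F] + F[I] \to_\beta F + F[I] \to_\beta F$,

2. $\tau[D[D, D]] \to_\beta \tau[D[D]] \to_\beta 0$,

3. $\tau[I[\bar\tau(\varepsilon)], T[\bar\tau(\varepsilon)]] \to_\beta \tau[\bar\tau(\varepsilon), T[\bar\tau(\varepsilon)]] \to_\beta \tau[\bar\tau(\varepsilon), \lambda x.\bar\tau(\varepsilon)] \to_\tau \tau[\bar\tau(\varepsilon), \bar\tau(\varepsilon)] \to_\gamma \tau[\bar\tau(\varepsilon)] \to_\gamma \varepsilon$,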

4. 5 rai; ... iTOm |l, • • • [I, ... , I] I, for all m, . . . ,n m G N. 
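
Linear substitution (Definition 3.9), the degree check of Remark 3.16 and the $\beta$-steps of Example 3.18 can be replayed mechanically. The sketch below is an added example, not code from the paper: it covers only the test-free fragment (variables, abstractions, applications to bags), represents idempotent sums as Python frozensets, takes D to be λx.x[x] (the term whose interpretation Example 4.7 gives), and assumes bound variable names never clash with the free variables of a substituted term, so no renaming is implemented.

```python
"""Test-free resource terms: degree, linear substitution, beta-reduction."""

# Representation chosen for this example (not from the paper):
#   ('var', x) | ('lam', x, M) | ('app', M, bag), bag = sorted tuple of terms.
# A sum is a frozenset of terms, so M + M = M and 0 is the empty frozenset.
ZERO = frozenset()

def var(x): return ('var', x)
def lam(x, m): return ('lam', x, m)
def app(m, *bag):
    # Bags are multisets: sorting makes [L1, L2] and [L2, L1] the same value.
    return ('app', m, tuple(sorted(bag, key=repr)))

def deg(x, t):
    """Number of free occurrences of x in t (Definition 3.4)."""
    if t[0] == 'var':
        return 1 if t[1] == x else 0
    if t[0] == 'lam':
        return 0 if t[1] == x else deg(x, t[2])  # x is shadowed by the binder
    return deg(x, t[1]) + sum(deg(x, l) for l in t[2])

def lin_subst(t, n, x):
    """t<n/x> as a sum: replace exactly one free occurrence of x by n."""
    if t[0] == 'var':
        return frozenset([n]) if t[1] == x else ZERO
    if t[0] == 'lam':
        if t[1] == x:
            return ZERO
        return frozenset(lam(t[1], m) for m in lin_subst(t[2], n, x))
    _, m, bag = t
    out = {app(m2, *bag) for m2 in lin_subst(m, n, x)}          # M<N/x> P
    for i, l in enumerate(bag):                                  # M (P<N/x>)
        out |= {app(m, *bag[:i], l2, *bag[i + 1:])
                for l2 in lin_subst(l, n, x)}
    return frozenset(out)

def lin_subst_sum(s, n, x):
    """Extension of lin_subst to sums, by linearity in the first argument."""
    return frozenset(t2 for t in s for t2 in lin_subst(t, n, x))

def beta(redex):
    """(lam x.M)[L1..Lk] -> M<L1/x>...<Lk/x>{0/x}, returned as a sum."""
    _, (_, x, body), bag = redex
    s = frozenset([body])
    for l in bag:
        s = lin_subst_sum(s, l, x)
    # {0/x}: every summand that still contains x is annihilated.
    return frozenset(t for t in s if deg(x, t) == 0)

def step(t):
    """Contract one redex of t; return the resulting sum, or None if normal."""
    if t[0] == 'var':
        return None
    if t[0] == 'lam':
        r = step(t[2])
        return None if r is None else frozenset(lam(t[1], m) for m in r)
    _, m, bag = t
    if m[0] == 'lam':
        return beta(t)
    r = step(m)
    if r is not None:
        return frozenset(app(m2, *bag) for m2 in r)
    for i, l in enumerate(bag):
        r = step(l)
        if r is not None:
            return frozenset(app(m, *bag[:i], l2, *bag[i + 1:]) for l2 in r)
    return None

def normalize(s):
    """Normal form of a sum; terminates by strong normalization."""
    done, todo = set(), list(s)
    while todo:
        t = todo.pop()
        r = step(t)
        if r is None:
            done.add(t)
        else:
            todo.extend(r)
    return frozenset(done)

I = lam('x', var('x'))
F = lam('x', lam('y', var('y')))
D = lam('x', app(var('x'), var('x')))   # assumed definition of D
```
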

Definition 3.19. An expression $A$ is in normal form if there is no $\mathbb{B}$ such that $A \to \mathbb{B}$. A
sum of expressions $\mathbb{A}$ is in normal form if all its summands are in normal form.

From Definition 3.19 we have that $0$ is in normal form.

The following lemma gives an explicit characterization of terms in normal form.

Lemma 3.20. If a term $M \in \Lambda^{\bar\tau}$ is in normal form then

1. either $M = \lambda\vec{x}.yP_1 \cdots P_n$ for some $n \geq 0$ and each $P_i$ is a bag of terms in normal form,

2. or $M = \lambda\vec{x}.\bar\tau(\|_{i=1}^{n} \tau[y_i P_{i,1} \cdots P_{i,k_i}])$ where $n \geq 0$, $k_i \geq 0$ and each $P_{i,j}$ is a bag of terms
in normal form. □



3.6. Operational properties. In this subsection we show that the $\partial_0\lambda$-calculus enjoys
Church-Rosser and strong normalization, even in the untyped version of the calculus.

The proof of strong normalization is purely combinatorial, based on a measure given in
the following definition.

Definition 3.21. The size of an expression $A$, written size($A$), is defined by induction as
follows:

• size($x$) $= 1$,

• size($\lambda y.M$) $=$ size($M$) $+ 1$,

• size($MP$) $=$ size($M$) $+$ size($P$) $+ 1$,

• size($\bar\tau(V)$) $=$ size($V$) $+ 1$,

• size($[L_1, \dots, L_k]$) $= \sum_{i=1}^{k}$ size($L_i$) $+ 1$,

• size($\tau[L_1, \dots, L_k]$) $= \sum_{i=1}^{k}$ size($L_i$) $+ 1$.

The size of a sum of expressions $\mathbb{A} = A_1 + \cdots + A_k$, written size$_m(\mathbb{A})$, is the multiset of the
sizes of the summands of $\mathbb{A}$, namely size$_m(\mathbb{A}) = [\mathrm{size}(A_1), \dots, \mathrm{size}(A_k)]$.

The intuition behind strong normalization is that size$_m(\mathbb{A})$ becomes smaller by replacing
one (or more) of its elements by an arbitrary number of smaller elements, i.e., with respect
to the multiset ordering $>_m$ induced on $\mathcal{M}_f(\mathbf{N})$ by the usual order $>$ of $\mathbf{N}$. It is well known
that $>_m$ is well-founded.

Theorem 3.22. The $\partial_0\lambda$-calculus with tests is strongly normalizing and Church-Rosser.

Proof. The fact that there are no infinite reduction chains is trivial, since every reduction
step decreases the size of an expression. In other words $A \to \mathbb{B}$ entails size$_m(A) >_m$ size$_m(\mathbb{B})$.

For the Church-Rosser property just check local confluence and conclude by Newman's
lemma. □

The following lemma formalizes our intuition behind the behaviour of the cork r(-). As 
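a corollary we get that a closed test can only reduce either to $\varepsilon$ or to $0$.

Lemma 3.23. For any closed term $M$, either $\tau[M] \twoheadrightarrow \varepsilon$ or $\tau[M] \twoheadrightarrow 0$.

Proof. As the $\partial_0\lambda$-calculus with tests is strongly normalizing, we have that $M \twoheadrightarrow \sum_{i=1}^{k} M_i$, where
each $M_i$ is a closed normal form. If $k = 0$ then $\tau[M] \twoheadrightarrow 0$ since $\tau[0] = 0$. Otherwise for each
$M_i$ there are two possibilities:

• $M_i = \lambda\vec{x}.x_j P_1 \cdots P_n$ with $x_j \in \vec{x}$ and $n \geq 0$. Then $\tau[M_i] \twoheadrightarrow \tau[(x_j P_1 \cdots P_n)\{0/\vec{x}\}] =
\tau[0] = 0$.

• $M_i = \lambda\vec{x}.\bar\tau(\|_{j=1}^{n} \tau[x_j P_{j,1} \cdots P_{j,k_j}])$ with $n \geq 0$ and $x_j \in \vec{x}$. If $n = 0$ then we have
$\|_{j=1}^{n} \tau[x_j P_{j,1} \cdots P_{j,k_j}] = \varepsilon$ and $\tau[\lambda\vec{x}.\bar\tau(\varepsilon)] \twoheadrightarrow \tau[\bar\tau(\varepsilon)] \to \varepsilon$. If $n > 0$ then
$\tau[M_i] \twoheadrightarrow \tau[\bar\tau(\|_{j=1}^{n} \tau[0 P_{j,1}\{0/\vec{x}\} \cdots P_{j,k_j}\{0/\vec{x}\}])] = 0$.

We conclude since $\tau[M] \twoheadrightarrow \sum_{i=1}^{k} \tau[M_i]$, and this latter expression reduces to a finite (possibly
empty) sum of $\varepsilon$'s, which is thus equal either to $0$ or to $\varepsilon$. □

Corollary 3.24. If $V$ is a closed test then either $V \twoheadrightarrow \varepsilon$ or $V \twoheadrightarrow 0$.

Therefore, it makes sense to define the convergence of a test as follows.

Definition 3.25. A test $V$ converges if and only if $V \twoheadrightarrow \varepsilon$.

It is easy to check that a test $V$ can converge only if it is closed; indeed, a free variable
$x$ occurring in $V$ cannot be erased during the reduction.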

3.7. Operational Pre-order. A term-context $D(\!|\cdot|\!)$ is a term having one occurrence of a
hole, denoted by $(\!|\cdot|\!)$, appearing in term-position; a test-context $C(\!|\cdot|\!)$ is a test having one
occurrence of a hole, still appearing in term-position.

Definition 3.26. Term-contexts $D(\!|\cdot|\!)$ and test-contexts $C(\!|\cdot|\!)$ are defined by the following
grammar:

$D(\!|\cdot|\!) ::= (\!|\cdot|\!) \mid \lambda x.D(\!|\cdot|\!) \mid D(\!|\cdot|\!)P \mid M[D(\!|\cdot|\!), \vec{L}] \mid \bar\tau(C(\!|\cdot|\!))$
$C(\!|\cdot|\!) ::= \tau[D(\!|\cdot|\!), \vec{L}]$

The set of term-contexts is denoted by $\Lambda^{\bar\tau}_{(\!|\cdot|\!)}$ and the set of test-contexts by $\Lambda^{\tau}_{(\!|\cdot|\!)}$.

Given $M \in \Lambda^{\bar\tau}$ we indicate by $C(\!|M|\!)$ the test resulting by blindly replacing $M$ for the
hole (allowing capture of free variables) in $C(\!|\cdot|\!)$. Similarly, given a term-context $D(\!|\cdot|\!)$, $D(\!|M|\!)$
denotes the term obtained by blindly substituting $M$ for the hole in $D(\!|\cdot|\!)$.
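
Example 3.27.

1. Let $D(\!|\cdot|\!) := \lambda xy.(\!|\cdot|\!)$, then $D(\!|x[x][y]|\!) = \lambda xy.x[x][y]$,

2. let $D(\!|\cdot|\!) := (\!|\cdot|\!)[\bar\tau(\varepsilon), I]$, then $D(\!|D|\!) = D[\bar\tau(\varepsilon), I] \twoheadrightarrow \bar\tau(\varepsilon)[I] + I[\bar\tau(\varepsilon)] \to I[\bar\tau(\varepsilon)] \to \bar\tau(\varepsilon)$,

3. the simplest test context is $C(\!|\cdot|\!) := \tau[(\!|\cdot|\!)]$, we have $C(\!|I|\!) = \tau[I] \to_\tau \tau[x\{0/x\}] = 0$,

4. let $C(\!|\cdot|\!) := \tau[(\lambda x.(\!|\cdot|\!))[\bar\tau(\varepsilon)]]$ then $C(\!|x|\!) = \tau[I[\bar\tau(\varepsilon)]] \to \tau[\bar\tau(\varepsilon)] \to \varepsilon$.

We say that a test-context $C(\!|\cdot|\!)$ (resp. a term-context $D(\!|\cdot|\!)$) is closed if it contains no
free variable; it is closing $M$ if $C(\!|M|\!)$ (resp. $D(\!|M|\!)$) is closed.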

Definition 3.28. The operational pre-order $\sqsubseteq_{\mathcal{O}}^{\tau}$ on the $\partial_0\lambda$-calculus with tests is defined
as follows (for all $M, N \in \Lambda^{\bar\tau}$):

$M \sqsubseteq_{\mathcal{O}}^{\tau} N \iff \forall C(\!|\cdot|\!) \in \Lambda^{\tau}_{(\!|\cdot|\!)}$ closing $M, N$ $(C(\!|M|\!) \twoheadrightarrow \varepsilon \Rightarrow C(\!|N|\!) \twoheadrightarrow \varepsilon)$.

We set $M \approx_{\mathcal{O}}^{\tau} N$ iff $M \sqsubseteq_{\mathcal{O}}^{\tau} N$ and $N \sqsubseteq_{\mathcal{O}}^{\tau} M$.

This coincides with a standard idea of operational preorder. The restriction of
observations to test-contexts deserves however a discussion. First, note that tests provide a
canonical notion of observation since - by design - they either converge (to $\varepsilon$) or reduce
to $0$. Hence, the choice of test-convergence as the basic observation in our calculus is very
natural.

A second motivation comes a posteriori. Indeed, as we will prove in Section 6
(Theorem 6.14), for test-free terms $M, N$ we have $M \sqsubseteq_{\mathcal{O}}^{\tau} N$ exactly when, for all test-free
term-contexts $D(\!|\cdot|\!)$, $D(\!|M|\!)$ is solvable entails $D(\!|N|\!)$ is solvable (the notion of solvability for
test-free terms is given in Definition 6.2).



4. A Relational Semantics

This section is devoted to build a relational model $\mathcal{D}$ of the $\partial_0\lambda$-calculus with tests, that has
been first introduced in [8] as a model of the ordinary $\lambda$-calculus.

We first give a sketchy presentation of the Cartesian closed category where $\mathcal{D}$ lives.
We recall that the definitions and notations concerning multisets have been introduced in
Subsection 3.2.



4.1. The Category MRel. The category MRel is the co-Kleisli category for the finite-multiset
comonad on the category Rel of sets and relations.
This category can be described directly as follows:

• The objects of MRel are all the sets.

• A morphism from $S$ to $T$ is a relation from $\mathcal{M}_f(S)$ to $T$; in other words, MRel$(S, T) =
\mathcal{P}(\mathcal{M}_f(S) \times T)$.

• The identity of $S$ is the relation $\mathrm{Id}_S = \{([\alpha], \alpha) \mid \alpha \in S\} : S \to S$.

• The composition of $s : S \to T$ and $t : T \to U$ is defined by:

$t \circ s = \{(a, \beta) \mid \exists k \in \mathbf{N}, \exists (a_1, \alpha_1), \dots, (a_k, \alpha_k) \in s$ such that
$a = a_1 \uplus \dots \uplus a_k$ and $([\alpha_1, \dots, \alpha_k], \beta) \in t\}$.

Given two sets $S, T$, we denote by $S \& T$ their disjoint union $(\{1\} \times S) \cup (\{2\} \times T)$. Hereafter
we adopt the following convention.

Convention 4.1. We consider the canonical injection between $\mathcal{M}_f(S) \times \mathcal{M}_f(T)$ and $\mathcal{M}_f(S \& T)$
as an equality. Therefore, we will still denote by $(a_1, a_2)$ the corresponding element of
$\mathcal{M}_f(S \& T)$.

Theorem 4.2. The category MRel is a Cartesian closed category.

Proof. The terminal object $\mathbb{1}$ is the empty set $\emptyset$, and the unique element of MRel$(S, \emptyset)$ is
the empty relation.

Given two sets $S$ and $T$, their categorical product in MRel is their disjoint union $S \& T$
and the corresponding projections are given by:

$\pi_1 = \{([(1, \alpha)], \alpha) \mid \alpha \in S\} : S \& T \to S$,

$\pi_2 = \{([(2, \alpha)], \alpha) \mid \alpha \in T\} : S \& T \to T$.

It is easy to check that this is actually the categorical product of $S$ and $T$ in MRel;
given $s : U \to S$ and $t : U \to T$, the corresponding morphism $\langle s, t\rangle : U \to S \& T$ is given by:

$\langle s, t\rangle = \{(a, (1, \alpha)) \mid (a, \alpha) \in s\} \cup \{(b, (2, \beta)) \mid (b, \beta) \in t\}$.

Given two objects $S$ and $T$, the exponential object $[S \Rightarrow T]$ is $\mathcal{M}_f(S) \times T$ and the evaluation
morphism is given by:

$\mathrm{ev}_{ST} = \{(([(a, \beta)], a), \beta) \mid a \in \mathcal{M}_f(S)$ and $\beta \in T\} : [S \Rightarrow T] \& S \to T$.

Again, it is easy to check that in this way we defined an exponentiation. Indeed, given any
set $U$ and any morphism $s : U \& S \to T$, there is exactly one morphism $\Lambda(s) : U \to [S \Rightarrow T]$
such that:

$\mathrm{ev}_{ST} \circ (\Lambda(s) \times \mathrm{Id}_S) = s$,
which is $\Lambda(s) = \{(a, (b, \beta)) \mid ((a, b), \beta) \in s\}$. □

As shown in [20], MRel is actually a Cartesian closed differential category [3]. It is not
difficult to check that it is moreover an instance of the categorical framework presented in
Section 2.



4.2. An Extensional Reflexive Object. We build a reflexive object $\mathcal{D}$, which is extensional
in the sense that $\mathcal{D} \cong [\mathcal{D} \Rightarrow \mathcal{D}]$. The elements of $\mathcal{D}$ are infinite sequences of multisets,
that are quasi-finite in the following sense.

Definition 4.3. An infinite sequence $\alpha = (a_1, a_2, \dots)$ of multisets is quasi-finite if $a_i = []$
holds for all but a finite number of indices $i$.

Given a set $S$, we denote by $\mathcal{M}_f(S)^{(\omega)}$ the set of all quasi-finite $\mathbf{N}$-indexed sequences
of finite multisets over $S$.

Definition 4.4. We build a family of sets $(D_n)_{n \in \mathbf{N}}$ as follows:

• $D_0 = \emptyset$,

• $D_{n+1} = \mathcal{M}_f(D_n)^{(\omega)}$.

Since the operation mapping a set $S$ into $\mathcal{M}_f(S)^{(\omega)}$ is monotonic with respect to inclusion$^1$
and $D_0 \subseteq D_1$, we have $D_n \subseteq D_{n+1}$ for all $n \in \mathbf{N}$. Finally, we set $\mathcal{D} = \bigcup_{n \in \mathbf{N}} D_n$.

$^1$ This means that $S \subseteq S'$ entails $\mathcal{M}_f(S)^{(\omega)} \subseteq \mathcal{M}_f(S')^{(\omega)}$.

To define an isomorphism between $\mathcal{D}$ and $\mathcal{M}_f(\mathcal{D}) \times \mathcal{D}$ just note that every element
$\alpha = (a_1, a_2, a_3, \dots) \in \mathcal{D}$ stands for the pair $(a_1, (a_2, a_3, \dots))$ and vice versa. From this
simple remark, it follows that $\mathcal{D} \cong [\mathcal{D} \Rightarrow \mathcal{D}]$ (we have a canonical bijection between these
two sets, and therefore an isomorphism in MRel).

Notation 4.5. Given $\alpha = (a_1, a_2, a_3, \dots) \in \mathcal{D}$ and $a \in \mathcal{M}_f(\mathcal{D})$, we write $a :: \alpha$ for the
element $(a, a_1, a_2, a_3, \dots) \in \mathcal{D}$. We denote by $*$ the element $([], [], \dots, [], \dots) \in \mathcal{D}$.

Remark that $[] :: * = *$.

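4.3. Interpreting the $\partial_0\lambda$-calculus with tests. We now define the interpretation of an
expression $A$ of the $\partial_0\lambda$-calculus with tests in the model $\mathcal{D}$. As usual, an expression $A$ will
be interpreted by a morphism of the category MRel.

For all terms $M$, bags $P$, tests $Q$ and repetition-free sequences $\vec{x}, \vec{y}, \vec{z}$ respectively
containing the free variables of $M$, $P$, $Q$, we define by mutual induction the interpretations
$[\![M]\!]_{\vec{x}} : \mathcal{D}^n \to \mathcal{D}$, $[\![P]\!]_{\vec{y}} : \mathcal{D}^m \to \mathcal{M}_f(\mathcal{D})$ and $[\![Q]\!]_{\vec{z}} : \mathcal{D}^k \to 1$ ($1$ is a singleton set and $n, m, k$
are the lengths of $\vec{x}, \vec{y}, \vec{z}$) as follows$^2$:

• $[\![x_i]\!]_{\vec{x}} = \{(([], \dots, [], [\alpha], [], \dots, []), \alpha) \mid \alpha \in \mathcal{D}\}$, where $[\alpha]$ stands in $i$-th position, and
$\vec{x} \equiv x_1, \dots, x_i, \dots, x_n$,

• $[\![\lambda y.M]\!]_{\vec{x}} = \{(\vec{a}, b :: \alpha) \mid ((\vec{a}, b), \alpha) \in [\![M]\!]_{\vec{x},y}\}$, where we suppose wlog that $y \notin \vec{x}$,

• $[\![MP]\!]_{\vec{x}} = \{(\vec{a}_1 \uplus \vec{a}_2, \alpha) \mid \exists b \in \mathcal{M}_f(\mathcal{D})$ $(\vec{a}_1, b :: \alpha) \in [\![M]\!]_{\vec{x}}, (\vec{a}_2, b) \in [\![P]\!]_{\vec{x}}\}$,

• $[\![\bar\tau(V)]\!]_{\vec{x}} = \{(\vec{a}, *) \mid \vec{a} \in [\![V]\!]_{\vec{x}}\}$,

• $[\![[L_1, \dots, L_k]]\!]_{\vec{x}} = \{(\uplus_{i=1}^{k} \vec{a}_i, [\beta_1, \dots, \beta_k]) \mid (\vec{a}_i, \beta_i) \in [\![L_i]\!]_{\vec{x}}, 1 \leq i \leq k\}$,

• $[\![\tau[M]]\!]_{\vec{x}} = \{\vec{a} \mid (\vec{a}, *) \in [\![M]\!]_{\vec{x}}\}$,

• $[\![V_1 | V_2]\!]_{\vec{x}} = \{\vec{a}_1 \uplus \vec{a}_2 \mid \vec{a}_1 \in [\![V_1]\!]_{\vec{x}}, \vec{a}_2 \in [\![V_2]\!]_{\vec{x}}\}$,

• $[\![\varepsilon]\!]_{\vec{x}} = \{([], \dots, [])\}$.

In particular $[\![[]]\!]_{\vec{x}} = \{([], \dots, [])\} \in \mathcal{M}_f(\mathcal{D})^{n+1}$.

The interpretation is then extended to the elements of $2\langle\Lambda^{e}\rangle$ by setting $[\![\sum_{i=1}^{k} A_i]\!]_{\vec{x}} =$
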
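Remark 4.6. Since every test $V$ is of the form $\tau[L_1, \dots, L_k]$ we might define its
interpretation directly by setting $[\![V]\!]_{\vec{x}} = \{\uplus_{i=1}^{k} \vec{a}_i \mid (\vec{a}_i, *) \in [\![L_i]\!]_{\vec{x}}, 1 \leq i \leq k\}$. Closed terms
(resp. tests, bags) are interpreted by relations between the singleton $\mathcal{M}_f(\emptyset)$ and $\mathcal{D}$ (resp.
$1$, $\mathcal{M}_f(\mathcal{D})$), we denote them plainly as subsets of $\mathcal{D}$ (resp. $1$, $\mathcal{M}_f(\mathcal{D})$).

The following are examples of interpretations.

Example 4.7.

1. $[\![\bar\tau(\varepsilon)]\!] = \{*\}$,

2. $[\![I]\!] = \{[\alpha] :: \alpha \mid \alpha \in \mathcal{D}\}$,

3. $[\![D]\!] = \{[[\alpha] :: \beta, \alpha] :: \beta \mid \alpha, \beta \in \mathcal{D}\}$,

4. $[\![D[I]]\!] = \emptyset$. Indeed the elements of $[\![[I]]\!]$ can never match $[[\alpha] :: \beta, \alpha]$ because they are
singleton multisets.

$^2$ Since $\mathcal{M}_f(S \& T) \cong \mathcal{M}_f(S) \times \mathcal{M}_f(T)$ we have, up to isomorphism, $[\![M]\!]_{\vec{x}} \subseteq \mathcal{M}_f(\mathcal{D})^n \times \mathcal{D}$, $[\![P]\!]_{\vec{y}} \subseteq
\mathcal{M}_f(\mathcal{D})^{m+1}$ and $[\![Q]\!]_{\vec{z}} \subseteq \mathcal{M}_f(\mathcal{D})^k \times 1 \cong \mathcal{M}_f(\mathcal{D})^k$.

Convention 4.8. Hereafter, whenever we write $[\![A]\!]_{\vec{x}}$ we suppose that $\vec{x}$ is a repetition-free
list of variables of length $n$ containing FV($A$). Moreover, we will sometimes silently use the
fact $[\![M]\!]_{\vec{x},y} = \{((\vec{a}, []), \alpha) \mid (\vec{a}, \alpha) \in [\![M]\!]_{\vec{x}}\}$ whenever $y \notin \mathrm{FV}(M)$.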

Clearly the interpretation is monotonic, in the sense expressed by the following lemma.

Lemma 4.9. For any test-context $C(\!|\cdot|\!)$ (resp. term-context $D(\!|\cdot|\!)$) with free variables $\vec{y}$, if
$[\![M]\!]_{\vec{x}} \subseteq [\![N]\!]_{\vec{x}}$ then $[\![C(\!|M|\!)]\!]_{\vec{y}} \subseteq [\![C(\!|N|\!)]\!]_{\vec{y}}$ (resp. $[\![D(\!|M|\!)]\!]_{\vec{y}} \subseteq [\![D(\!|N|\!)]\!]_{\vec{y}}$).

Proof. By a straightforward mutual induction on $C(\!|\cdot|\!)$, $D(\!|\cdot|\!)$. □

The following substitution lemmas are needed for proving the invariance of the
interpretation under reduction. The proofs are lengthy but not difficult, and are provided in
Appendix A.

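Lemma 4.10 (Linear Substitution Lemma). Let $M \in \Lambda^{\bar\tau}$, $V \in \Lambda^{\tau}$ and $P = [L_1, \dots, L_k] \in
\Lambda^{b}$ such that $\deg_y(M) = \deg_y(V) = k$. We have:

(i) $(\vec{a}, \alpha) \in [\![M\langle P/y\rangle]\!]_{\vec{x}}$ iff there exist $(\vec{a}_i, \beta_i) \in [\![L_i]\!]_{\vec{x}}$ (for $1 \leq i \leq k$) and $\vec{a}_0 \in \mathcal{M}_f(\mathcal{D})^n$
such that $((\vec{a}_0, [\beta_1, \dots, \beta_k]), \alpha) \in [\![M]\!]_{\vec{x},y}$ and $\uplus_{i=0}^{k} \vec{a}_i = \vec{a}$.

(ii) $\vec{a} \in [\![V\langle P/y\rangle]\!]_{\vec{x}}$ iff there exist $(\vec{a}_i, \beta_i) \in [\![L_i]\!]_{\vec{x}}$ (for $1 \leq i \leq k$) and $\vec{a}_0 \in \mathcal{M}_f(\mathcal{D})^n$ such
that $(\vec{a}_0, [\beta_1, \dots, \beta_k]) \in [\![V]\!]_{\vec{x},y}$ and $\uplus_{i=0}^{k} \vec{a}_i = \vec{a}$.

Lemma 4.11 (Regular Substitution Lemma). Let $M \in \Lambda^{\bar\tau}$, $V \in \Lambda^{\tau}$ and $\mathbb{N} \in 2\langle\Lambda^{\bar\tau}\rangle$. We
have:

(i) $(\vec{a}, \alpha) \in [\![M\{\mathbb{N}/y\}]\!]_{\vec{x}}$ iff $\exists k \in \mathbf{N}$, $\exists \beta_1, \dots, \beta_k \in \mathcal{D}$, $\exists \vec{a}_0, \dots, \vec{a}_k \in \mathcal{M}_f(\mathcal{D})^n$ such that
$(\vec{a}_i, \beta_i) \in [\![\mathbb{N}]\!]_{\vec{x}}$ (for $1 \leq i \leq k$), $((\vec{a}_0, [\beta_1, \dots, \beta_k]), \alpha) \in [\![M]\!]_{\vec{x},y}$ and $\vec{a} = \uplus_{i=0}^{k} \vec{a}_i$;

(ii) $\vec{a} \in [\![V\{\mathbb{N}/y\}]\!]_{\vec{x}}$ iff $\exists k \in \mathbf{N}$, $\exists \beta_1, \dots, \beta_k \in \mathcal{D}$, $\exists \vec{a}_0, \dots, \vec{a}_k \in \mathcal{M}_f(\mathcal{D})^n$ such that $(\vec{a}_i, \beta_i) \in
[\![\mathbb{N}]\!]_{\vec{x}}$ (for $1 \leq i \leq k$) and $(\vec{a}_0, [\beta_1, \dots, \beta_k]) \in [\![V]\!]_{\vec{x},y}$ and $\vec{a} = \uplus_{i=0}^{k} \vec{a}_i$.

The substitution lemmas above generalize straightforwardly to sums. Although Lemma 4.11
is stated in full generality, for the $\partial_0\lambda$-calculus with tests it is only useful for $\mathbb{N} = 0$. We keep
this formulation since it is closer to the one needed in Section for the full $\partial\lambda$-calculus with
tests.

Theorem 4.12. $\mathcal{D}$ is a model of the $\partial_0\lambda$-calculus with tests, i.e., if $A \twoheadrightarrow \mathbb{B}$ then $[\![A]\!]_{\vec{x}} = [\![\mathbb{B}]\!]_{\vec{x}}$.

Proof. It is easy to check that the interpretation is contextual. The fact that the semantics
is invariant under reduction follows from Lemmas 4.10 and 4.11. □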



5. Full Abstraction for $\partial_0\lambda$-Calculus with Tests

A model is equationally fully abstract if the equivalence induced on terms by their
interpretations is exactly $\approx_{\mathcal{O}}^{\tau}$; it is inequationally fully abstract if the induced preorder is $\sqsubseteq_{\mathcal{O}}^{\tau}$.
Obviously, every inequationally fully abstract model is also equationally fully abstract.

In this section we prove that $\mathcal{D}$ is inequationally fully abstract for the $\partial_0\lambda$-calculus with
tests (Theorem 5.11), i.e., that $[\![M]\!]_{\vec{x}} \subseteq [\![N]\!]_{\vec{x}}$ if and only if $M \sqsubseteq_{\mathcal{O}}^{\tau} N$.

5.1. Building Separating Test-Contexts. We are going to associate a test-context $\alpha^{+}(\!|\cdot|\!)$
with each element $\alpha \in \mathcal{D}$, the idea being that - for every closed term $M$ - we have $\alpha \in [\![M]\!]$
if and only if $\alpha^{+}(\!|M|\!)$ converges.

Definition 5.1. Let $\alpha \in \mathcal{D}$. The rank of $\alpha$, written rk($\alpha$), is the least $n \in \mathbf{N}$ such that
$\alpha \in D_{n+1}$; the length of $\alpha$, written $\ell(\alpha)$, is $0$ if $\alpha = *$, and it is the unique $r$ such that
$\alpha = a_1 :: \cdots :: a_r :: *$ with $a_r \neq []$, otherwise.

Note that if $\alpha = a_1 :: \cdots :: a_r :: *$ then for all $1 \leq i \leq r$ and $\alpha_{i,j} \in a_i$ we have rk($\alpha$) $>$ rk($\alpha_{i,j}$).
Hence rk($\alpha$) $= 0$ entails $\alpha = *$ and the following definition is well-founded.

Definition 5.2. For $\alpha \in \mathcal{D}$ of the form $\alpha = [\alpha_{1,1}, \dots, \alpha_{1,k_1}] :: \cdots :: [\alpha_{r,1}, \dots, \alpha_{r,k_r}] :: *$ with
$\ell(\alpha) = r$, define by mutual induction a closed term $\alpha^{-}$ and a test-context $\alpha^{+}(\!|\cdot|\!)$ as follows:

• $\alpha^{-} = \lambda x_1 \dots x_r.\bar\tau(\|_{i=1}^{r} ((\alpha_{i,1})^{+}(\!|x_i|\!) | \cdots | (\alpha_{i,k_i})^{+}(\!|x_i|\!)))$,

• $\alpha^{+}(\!|\cdot|\!) = \tau[(\!|\cdot|\!)[(\alpha_{1,1})^{-}, \dots, (\alpha_{1,k_1})^{-}] \cdots [(\alpha_{r,1})^{-}, \dots, (\alpha_{r,k_r})^{-}]]$.

Given $a = [\alpha_1, \dots, \alpha_k]$ we set $a^{-} = [\alpha_1^{-}, \dots, \alpha_k^{-}]$.

Example 5.3. We have:

1. $*^{-} = \bar\tau(\varepsilon)$ (as the empty parallel composition is equal to $\varepsilon$),

2. $*^{+}(\!|\cdot|\!) = \tau[(\!|\cdot|\!)]$, hence:

3. $([*] :: *)^{+}(\!|\cdot|\!) = \tau[(\!|\cdot|\!)[\bar\tau(\varepsilon)]]$.

The next lemma, along with its corollaries, shows the interplay between the elements of
$\mathcal{D}$ and the terms/tests of Definition 5.2. It provides the main motivation for our extension
of the $\partial_0\lambda$-calculus.

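Lemma 5.4. Let $\alpha \in \mathcal{D}$. Then:

(i) $[\![\alpha^{-}]\!] = \{\alpha\}$,

(ii) $[\![\alpha^{+}(\!|x|\!)]\!]_x = \{[\alpha]\}$.

Proof. The points (i) and (ii) are proved simultaneously by induction on rk($\alpha$). We write
IH(i) and IH(ii) for the induction hypotheses concerning (i) and (ii) respectively.

If rk($\alpha$) $= 0$ then $\alpha = *$, hence $[\![*^{-}]\!] = [\![\bar\tau(\varepsilon)]\!] = \{*\}$ and $[\![*^{+}(\!|x|\!)]\!]_x = [\![\tau[x]]\!]_x = \{[*]\}$.

If rk($\alpha$) $> 0$ and $\ell(\alpha) = r$, we have $\alpha = a_1 :: \cdots :: a_r :: *$ with $a_i = [\alpha_{i,1}, \dots, \alpha_{i,k_i}]$ for
$1 \leq i \leq r$.

We prove (i). Remember that by definition $[\![\alpha^{-}]\!] = [\![\lambda y_1 \dots y_r.\bar\tau(\|_{i=1}^{r} \|_{j=1}^{k_i} (\alpha_{i,j})^{+}(\!|y_i|\!))]\!]$.
So we have $\beta \in [\![\alpha^{-}]\!]$ if and only if $\beta = b_1 :: \cdots :: b_r :: *$ and for all $1 \leq i \leq r$, $1 \leq j \leq k_i$ there
is $\vec{d}_{i,j} \in [\![(\alpha_{i,j})^{+}(\!|y_i|\!)]\!]_{\vec{y}}$ such that $\vec{b} = \uplus_{i=1}^{r} \uplus_{j=1}^{k_i} \vec{d}_{i,j}$. By IH(ii) we have $\vec{d}_{i,j} \in [\![(\alpha_{i,j})^{+}(\!|y_i|\!)]\!]_{\vec{y}}$
iff $\vec{d}_{i,j} = ([], \dots, [\alpha_{i,j}], \dots, [])$ where $[\alpha_{i,j}]$ appears in $i$-th position. Therefore $\uplus_{j=1}^{k_i} \vec{d}_{i,j} = ([], \dots, a_i, \dots, [])$
and $b_i = a_i$ for every index $i$. Thus $\beta = \alpha$.

We prove (ii). By definition we have $[\![\alpha^{+}(\!|x|\!)]\!]_x = [\![\tau[x a_1^{-} \cdots a_r^{-}]]\!]_x$. Therefore $c \in
[\![\alpha^{+}(\!|x|\!)]\!]_x$ if and only if there are $b_i = [\beta_{i,1}, \dots, \beta_{i,k_i}]$, $c_0, c_{i,1}, \dots, c_{i,k_i} \in \mathcal{M}_f(\mathcal{D})$ (for $1 \leq
i \leq r$) such that $(c_0, b_1 :: \cdots :: b_r :: *) \in [\![x]\!]_x$, $(c_{i,j}, \beta_{i,j}) \in [\![(\alpha_{i,j})^{-}]\!]_x$ (for all $1 \leq i \leq r$ and
$1 \leq j \leq k_i$) and $c = c_0 \uplus (\uplus_{i=1}^{r} \uplus_{j=1}^{k_i} c_{i,j})$. As, by IH(i), $[\![(\alpha_{i,j})^{-}]\!]_x = \{([], \alpha_{i,j})\}$ we get $c_{i,j} = []$
and $\beta_{i,j} = \alpha_{i,j}$. Thus $c = c_0$, $\alpha = b_1 :: \cdots :: b_r :: *$ and from this it follows that $(c, \alpha) \in [\![x]\!]_x$.

We conclude that $c = [\alpha]$. □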

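Corollary 5.5. $[\![\alpha^{+}(\!|M|\!)]\!]_{\vec{x}} = \{\vec{c} \mid (\vec{c}, \alpha) \in [\![M]\!]_{\vec{x}}\}$.

Proof. By Lemma 5.4(ii) we have that $[\![\alpha^{+}(\!|y|\!)]\!]_{\vec{x},y} = \{([], \dots, [], [\alpha])\}$. As $\alpha^{+}(\!|\cdot|\!)$ does not
have outer $\lambda$-abstractions we have $\alpha^{+}(\!|M|\!) = \alpha^{+}(\!|y|\!)\langle [M]/y\rangle$. We then apply Lemma 4.10 to
conclude. □

Corollary 5.6. All finite subsets of $\mathcal{D}$ are definable.

Proof. By Lemma 5.4(i), for every finite set $u = \{\alpha_1, \dots, \alpha_k\}$ we have $[\![\alpha_1^{-} + \cdots + \alpha_k^{-}]\!] = u$. □

Lemma 5.4 reveals the behaviour of a test-context $\alpha^{+}(\!|\cdot|\!)$ when applied to a term $\beta^{-}$.

Corollary 5.7. Let $\alpha, \beta \in \mathcal{D}$. If $\alpha = \beta$ then $\alpha^{+}(\!|\beta^{-}|\!) \twoheadrightarrow \varepsilon$, otherwise $\alpha^{+}(\!|\beta^{-}|\!) \twoheadrightarrow 0$.

Proof. By Lemma 5.4, $[\![\alpha^{+}(\!|\beta^{-}|\!)]\!] = \{()\} \subseteq \mathcal{M}_f(\mathcal{D})^0$ if $\alpha = \beta$, and $\emptyset$ otherwise. By Corollary 3.24
we know that $\alpha^{+}(\!|\beta^{-}|\!)$ reduces either to $\varepsilon$ or to $0$. The result follows by soundness
(Theorem 4.12). □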



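5.2. (In)equational Full Abstraction. In this subsection, we show that the operational
preorder $\sqsubseteq_{\mathcal{O}}^{\tau}$ (see Definition 3.28) coincides with the inclusion of interpretations in $\mathcal{D}$. We
first need a couple of preliminary results.

Recall from Definition 5.2 that, given $a = [\alpha_1, \dots, \alpha_k]$, $a^{-}$ denotes the bag $[\alpha_1^{-}, \dots, \alpha_k^{-}]$.

Lemma 5.8. Let $V \in \Lambda^{\tau}$, FV($V$) $\subseteq \vec{x}$ and $\vec{a} \in \mathcal{M}_f(\mathcal{D})^n$ where $n$ is the length of $\vec{x}$. Then
$\vec{a} \in [\![V]\!]_{\vec{x}}$ if and only if $[\![V\langle\vec{a}^{-}/\vec{x}\rangle]\!] \neq \emptyset$ and $\deg_{x_i}(V) = \# a_i$.

Proof. The result follows by applying $n$ times (one for each variable in $\vec{x}$) Lemma 4.10 and
Corollary 5.5. □

Remark 5.9. For $M \in \Lambda^{\bar\tau}$ we have $(\alpha^{+}(\!|M|\!))\langle\vec{a}^{-}/\vec{x}\rangle = \alpha^{+}(\!|M\langle\vec{a}^{-}/\vec{x}\rangle|\!)$.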



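The ensuing proposition is the key argument for proving that the model $\mathcal{D}$ is
inequationally fully abstract.

Proposition 5.10. Let $M \in \Lambda^{\bar\tau}$, $\vec{x} \supseteq \mathrm{FV}(M)$, $\alpha \in \mathcal{D}$ and $\vec{a} \in \mathcal{M}_f(\mathcal{D})^n$. The following are
equivalent:

(i) $(\vec{a}, \alpha) \in [\![M]\!]_{\vec{x}}$,

(ii) $\alpha^{+}(\!|M\langle\vec{a}^{-}/\vec{x}\rangle|\!) \twoheadrightarrow \varepsilon$.

Proof. We have the following chain of equivalences:

$(\vec{a}, \alpha) \in [\![M]\!]_{\vec{x}} \iff \vec{a} \in [\![\alpha^{+}(\!|M|\!)]\!]_{\vec{x}}$, by Corollary 5.5
$\iff [\![\alpha^{+}(\!|M\langle\vec{a}^{-}/\vec{x}\rangle|\!)]\!] \neq \emptyset$ and $\deg_{x_i}(M) = \# a_i$, by Lemma 5.8, using Remark 5.9
$\iff \alpha^{+}(\!|M\langle\vec{a}^{-}/\vec{x}\rangle|\!) \twoheadrightarrow \varepsilon$, by Corollary 3.24, i.e. the fact that closed tests can only reduce to
either $\varepsilon$ or $0$, and Theorem 4.12, i.e. the soundness of the model. □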



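We are now able to prove the main result of the section.

Theorem 5.11. $\mathcal{D}$ is inequationally fully abstract for the $\partial_0\lambda$-calculus with tests (for all
$M, N \in \Lambda^{\bar\tau}$):

$[\![M]\!]_{\vec{x}} \subseteq [\![N]\!]_{\vec{x}} \iff M \sqsubseteq_{\mathcal{O}}^{\tau} N$

Proof. ($\Rightarrow$) Assume that $[\![M]\!]_{\vec{x}} \subseteq [\![N]\!]_{\vec{x}}$, and let $C(\!|\cdot|\!)$ be a test-context closing both $M$ and
$N$ and such that $C(\!|M|\!) \twoheadrightarrow \varepsilon$. By Theorem 4.12, $[\![C(\!|M|\!)]\!] = [\![\varepsilon]\!] = \{()\}$. By monotonicity
of the interpretation we get $[\![C(\!|M|\!)]\!] \subseteq [\![C(\!|N|\!)]\!]$, thus $[\![C(\!|N|\!)]\!] \neq \emptyset$. By Corollary 3.24 this
entails that $C(\!|N|\!) \twoheadrightarrow \varepsilon$.

($\Leftarrow$) Suppose, by the way of contradiction, that $M \sqsubseteq_{\mathcal{O}}^{\tau} N$ holds but there is an element
$(\vec{a}, \alpha) \in [\![M]\!]_{\vec{x}} - [\![N]\!]_{\vec{x}}$. Then the test-context $C(\!|\cdot|\!) = \alpha^{+}(\!|(\lambda\vec{x}.(\!|\cdot|\!))\vec{a}^{-}|\!)$ is such that $C(\!|M|\!) \twoheadrightarrow
\alpha^{+}(\!|M\langle\vec{a}^{-}/\vec{x}\rangle|\!) \twoheadrightarrow \varepsilon$ and $C(\!|N|\!) \not\twoheadrightarrow \varepsilon$ by Proposition 5.10, which is a contradiction. □

Corollary 5.12. $\mathcal{D}$ is equationally fully abstract for the $\partial_0\lambda$-calculus with tests.

The reader who is only interested in the extension of Theorem 5.11 (and of its corollary)
to the full $\partial\lambda$-calculus with tests can skip safely the next section.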



6. Full Abstraction for $\partial_0\lambda$-Calculus without Tests

In this section we are going to prove that tests do not add any discriminatory power to
the contexts already present in the $\partial_0\lambda$-calculus. This means that whenever there is a
test-context $C(\!|\cdot|\!)$ separating two test-free terms $M, N$ (sending, say, $M$ to $\varepsilon$ and $N$ to $0$)
there exists also a term-context $D(\!|\cdot|\!)$ that is still able to separate $M$ from $N$, without using
the operators $\tau$ and $\bar\tau$. (As we will discuss in Section 9 this is not the case for the full
$\partial\lambda$-calculus with tests.)

From this syntactic result and the full abstraction for the $\partial_0\lambda$-calculus with tests
(Theorem 5.11) we conclude that the model $\mathcal{D}$ is also inequationally fully abstract for its test-free
fragment (Theorem 6.14, below).

6.1. The $\partial_0\lambda$-Calculus (Without Tests). The $\partial_0\lambda$-calculus is a restriction of the
$\partial_0\lambda$-calculus with tests presented in Section 3. The restriction is obtained by erasing from the
syntax the constructors $\tau$ and $\bar\tau$ and the corresponding reduction rules, i.e. ($\tau$), ($\bar\tau$) and ($\gamma$).
In other words the tests are no longer part of the language and $\to_\beta$ is the only reduction
rule of the system.

This description is enough to completely characterize the system - for a more detailed
description, see [HI [H] .

Notation 6.1. We write $\Lambda^{r}$ (resp. $2\langle\Lambda^{r}\rangle$) for the set of (resp. finite sums of) terms of the
$\partial_0\lambda$-calculus. The set of all (term-)contexts of the $\partial_0\lambda$-calculus will be denoted by $\Lambda^{r}_{(\!|\cdot|\!)}$.

We still write $M, N, L, H$ for terms in $\Lambda^{r}$, $\mathbb{M}, \mathbb{N}, \mathbb{L}, \mathbb{H}$ for sums of terms in $2\langle\Lambda^{r}\rangle$, $P, Q$
for bags and $D(\!|\cdot|\!)$ for contexts. This will not create confusion because we will always specify
the set they belong to.

In order to properly define the operational pre-order in this setting, we first need to
introduce the notion of solvable term.

6.2. Solvability in the $\partial_0\lambda$-Calculus. In $\lambda$-calculus [1] a term $M$ is solvable whenever
there exist suitable arguments that, once supplied to $M$, make it reduce to the identity -
this means that $M$ is able to interact operationally with the environment.

In resource calculi solvability has been thoroughly studied by Pagani and Ronchi Della
Rocca in [28]. Their work needs to be adapted because of the absence of promotion in
our system. For the $\partial_0\lambda$-calculus the good notion of solvable term is the following.

Definition 6.2. A term $M \in \Lambda^{r}$ is solvable if there is a term-context $D(\!|\cdot|\!)$ such that
$D(\!|M|\!) \twoheadrightarrow_\beta I$. We say that $M$ is unsolvable otherwise.

Reading [27, 28] one may wonder why in the previous definition we do not ask more
generally that $D(\!|M|\!) \twoheadrightarrow_\beta I + \mathbb{N}$ for some $\mathbb{N} \in 2\langle\Lambda^{r}\rangle$. This is due to the fact that in our
$\partial_0\lambda$-calculus the two definitions are equivalent, as shown in the next lemma. (So we choose
the easier formulation.)

Lemma 6.3. Let $M \in \Lambda^{r}$ be a closed term. If $M \twoheadrightarrow_\beta I + \mathbb{M}$ for some $\mathbb{M} \in 2\langle\Lambda^{r}\rangle$, then
there exists a sequence $\vec{P}$ of closed bags such that $M\vec{P} \twoheadrightarrow_\beta I$.

Proof. Suppose $M$ closed such that $M \twoheadrightarrow_\beta I + \mathbb{M}$. Then $\mathbb{M}$ is also closed and normalizes
to a sum $\mathbb{M}' = \sum_{j=1}^{k} \lambda\vec{y}_j.M'_j$ such that each $M'_j$ is not an abstraction itself. Now, if $\mathbb{M}' = I$
then we are done as $M \twoheadrightarrow_\beta I + \mathbb{M} \twoheadrightarrow_\beta I + I = I$. Otherwise, let $h$ be the maximum
among the lengths of the sequences $\vec{y}_j$. Then $\mathbb{M}'[I]^{\sim h}$ is again a sum of closed terms and
normalizes to a sum $\mathbb{M}''$ of closed abstraction terms whose size is strictly smaller than $\mathbb{M}'$.
The reason is that for each summand $(\lambda\vec{y}_j.M'_j)[I]^{\sim h}$ which does not reduce to $0$, $M'_j$ must
contain exactly one occurrence of each variable in $\vec{y}_j$. Hence $M'_j\langle [I]/\vec{y}_j\rangle$ has the same
size as $(\lambda\vec{y}_j.M'_j)$ but it reduces (via contraction of the $I$ that has replaced the head variable
of $M'_j$) to a term having a strictly smaller size, unless $\lambda\vec{y}_j.M'_j = I$. Iterating this reasoning
for at most a number of times equal to $k = \mathrm{size}(\mathbb{M}) + 1$ one obtains that either $\mathbb{M}[I]^{\sim k} \twoheadrightarrow_\beta 0$
or $\mathbb{M}[I]^{\sim k} \twoheadrightarrow_\beta I$.

Therefore $M[I]^{\sim k} \twoheadrightarrow_\beta I[I]^{\sim k} + \mathbb{M}[I]^{\sim k} \twoheadrightarrow_\beta I$, as desired. □

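As in [27, 28] we are going to characterize solvability from both a syntactic and a
semantic point of view (Theorem 6.5).

Proposition 6.4. Let $M \in \Lambda^{r}$ and let FV($M$) $= \vec{x}$. If $M$ reduces to a normal form different
from $0$, then there are two sequences $\vec{P}, \vec{P}'$ of closed bags such that:

$(M\vec{P})\langle\vec{P}'/\vec{x}\rangle\{0/\vec{x}\} \twoheadrightarrow_\beta I + \mathbb{M}$, for some $\mathbb{M} \in 2\langle\Lambda^{r}\rangle$.

Proof. By induction on the size of $M$. Let $\vec{x} = x_1, \dots, x_n$ and suppose that $M \twoheadrightarrow_\beta
\lambda y_1 \dots y_m.yQ_1 \cdots Q_q + \mathbb{M}$ where $m, q \in \mathbf{N}$, $Q_i = [M_{i,1}, \dots, M_{i,k_i}]$ for all $1 \leq i \leq q$, each $M_{i,j}$
is in normal form for every $1 \leq j \leq k_i$ and $\mathbb{M} \in 2\langle\Lambda^{r}\rangle$. For the sake of simplicity, assume
$y = y_h$ for some $1 \leq h \leq m$ (the proof is analogous when $y \in \vec{x}$).

By induction hypothesis, for all $1 \leq i \leq q$ and $1 \leq j \leq k_i$ there are sequences
$\vec{P}_{i,j}, \vec{P}'_{i,j}, \vec{P}''_{i,j}$ of closed bags such that $M_{i,j}\vec{P}_{i,j}\langle\vec{P}'_{i,j}/\vec{y}\rangle\langle\vec{P}''_{i,j}/\vec{x}\rangle\{0/\vec{y}, \vec{x}\} \twoheadrightarrow_\beta I + \mathbb{M}_{i,j}$ for some
$\mathbb{M}_{i,j} \in 2\langle\Lambda^{r}\rangle$. In the following, we will denote by $\sigma_{i,j}$ the substitution $\langle\vec{P}'_{i,j}/\vec{y}\rangle\langle\vec{P}''_{i,j}/\vec{x}\rangle\{0/\vec{y}, \vec{x}\}$.
We start by defining the closed term $H$ that will be plugged in head position: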

H = Xzi . . . %.H& 1) ... j fcj£iPi > i, . . . , ZiPifa] • • • [z q Pg t i, . . . , Z g P qi k q ]- 

In the rest of the proof we shorten ^ki,...,k q to H. In addition, we set: 

Q' k = W?=l W |=i P Uk f or all 1 < k < m 
Ql = W?=l &j=i P "j,k foralll<fe<n 

We now prove that {MQ[ ■ ■ ■ Q' h ^{Q' h bJ [H])Q' h+1 ■ ■ ■ Q' m )(Q" /x){0/x} -* p I + M. In the 
reduction path we will only focus on the term reducing to I by collecting all the others into 
generic M's. Indeed, we have: 

(MQ[ ■ ■ ■ Q' h _ x {Q' h W [H])Q' h+1 ■ ■ ■ Q' m )(Q"/x){0/x} ^ p 

((Ayi . . . y m .yQi • • ■ Q q )Q'x ■ ■ ■ Q' h -iiQ' h W [H])Q' h+1 • • • Q' m )(Q" /x){0/x} + Mi -+ p 
(HQx ■ ■ ■ Q q )(Q'/y)(Q"/x){0/y, x} + M 2 

(E[M lA P hl , M lM P lth ] ■ ■ ■ [M qA P qA , . . . ,M qtkq P qA ]){Q'/yl{Qy^{0/y, x} + M 3 ^ 
S[Mi,iPi,icti,i, . . . , M 1>kl Pi M a 1M ] ■ ■ ■ [M q ,iP q ,ia qt i, M^ kq P^ kq a^ kq \ + M 4 
By induction hypothesis, this reduces to $E[\mathbf{I},\dots,\mathbf{I}]\cdots[\mathbf{I},\dots,\mathbf{I}] + \mathbb{M}_5 \twoheadrightarrow_\beta \mathbf{I} + \mathbb{M}$ for $\mathbb{M} := \mathbb{M}_5$
(see Example 3.18). □

Note that in the statement above $\mathbb{M}$ must be closed because $M\vec{P}\langle\vec{P}'/\vec{x}\rangle\{0/\vec{x}\}$ is.

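Theorem 6.5. Let $M \in \Lambda^r$, then the following three sentences are equivalent.

(i) $M$ is solvable,

(ii) $M \twoheadrightarrow_\beta N + \mathbb{N}$ for some $N$ in normal form and $\mathbb{N} \in \mathbf{2}\langle\Lambda^r\rangle$,

(iii) $[\![M]\!]_{\vec{x}} \neq \emptyset$.

Proof. (i $\Rightarrow$ ii) Suppose by contradiction that there is no normal $N$ such that $M \twoheadrightarrow_\beta N + \mathbb{N}$
for some $\mathbb{N} \in \mathbf{2}\langle\Lambda^r\rangle$. Since the $\partial_0\lambda$-calculus is strongly normalizing, the only possibility is
that $M \twoheadrightarrow_\beta 0$. Therefore, for every term-context $D(\!|\cdot|\!)$ we would have $D(\!|M|\!) \twoheadrightarrow_\beta D(\!|0|\!) = 0$.
This is a contradiction since the calculus is Church-Rosser and by hypothesis there should
be a term-context $D(\!|\cdot|\!)$ such that $D(\!|M|\!) \twoheadrightarrow_\beta \mathbf{I}$.

(ii $\Rightarrow$ i) Let $M \twoheadrightarrow_\beta N + \mathbb{N}$ and $\vec{x} = \mathrm{FV}(M)$. By Proposition 6.4 there are sequences $\vec{P}, \vec{P}'$
of closed bags such that $M\vec{P}\langle\vec{P}'/\vec{x}\rangle\{0/\vec{x}\} \twoheadrightarrow_\beta \mathbf{I} + \mathbb{M}$ for some $\mathbb{M} \in \mathbf{2}\langle\Lambda^r\rangle$. By Lemma 6.3
there is a sequence $\vec{P}''$ of closed bags such that $M\vec{P}\langle\vec{P}'/\vec{x}\rangle\{0/\vec{x}\}\vec{P}'' \twoheadrightarrow_\beta \mathbf{I}$. It is then enough
to set $D(\!|\cdot|\!) = (\lambda\vec{x}.(\!|\cdot|\!)\vec{P})\vec{P}'\vec{P}''$ to have $D(\!|M|\!) \twoheadrightarrow_\beta \mathbf{I}$.

(ii $\Rightarrow$ iii) By Theorem 4.12, $[\![M]\!]_{\vec{x}} = [\![N]\!]_{\vec{x}} \cup [\![\mathbb{N}]\!]_{\vec{x}}$ for $\vec{x} = x_1,\dots,x_n \supseteq \mathrm{FV}(M)$. We
now prove, by structural induction on $N$, that $[\![N]\!]_{\vec{x}} \neq \emptyset$ for all $N$ in normal form. Let
$N = \lambda z_1\dots z_m.yP_1\cdots P_p$ where $p \ge 0$ and each $P_i = [L_{i,1},\dots,L_{i,k_i}]$ contains all normal
terms. For the sake of simplicity we assume $y = z_h \in \vec{z}$ (the proof is analogous for $y \in \vec{x}$).

Base case $p = 0$. Trivial since for all $\alpha \in \mathcal{D}$ we have $(([\,],[\alpha],[\,]),\alpha) \in [\![N]\!]_{\vec{x}}$ where $[\alpha]$
occurs in $h$-th position.

Induction case $p > 0$. By induction hypothesis, there exist $(\vec{a}_{i,j},\beta_{i,j}) \in [\![L_{i,j}]\!]_{\vec{x},\vec{z}}$ for
each $1 \le i \le p$ and $1 \le j \le k_i$. Let $b_i = [\beta_{i,1},\dots,\beta_{i,k_i}]$ for every $1 \le i \le p$ and
$\vec{a}_0 = ([\,],[b_1 :: \cdots :: b_p :: \alpha],[\,]) \in \mathcal{M}_f(\mathcal{D})^{n+m}$ where the only non-empty multiset is in $n + h$
position. Then $(\vec{a}_0, b_1 :: \cdots :: b_p :: \alpha) \in [\![y]\!]_{\vec{x},\vec{z}}$ and $(\vec{a}_i, b_i) \in [\![P_i]\!]_{\vec{x},\vec{z}}$ for $\vec{a}_i = \uplus_{j=1}^{k_i}\vec{a}_{i,j}$. It
follows that $(\vec{a}_0 \uplus \vec{a}_1 \uplus \cdots \uplus \vec{a}_p, \alpha) \in [\![yP_1\cdots P_p]\!]_{\vec{x},\vec{z}}$. We conclude since $[\![yP_1\cdots P_p]\!]_{\vec{x},\vec{z}} \neq \emptyset$
if and only if $[\![\lambda z_1\dots z_m.z_hP_1\cdots P_p]\!]_{\vec{x}} \neq \emptyset$.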



(iii $\Rightarrow$ ii) Suppose that $M \twoheadrightarrow_\beta 0$. Then by Theorem 4.12 we have $[\![M]\!]$

which is a contradiction. □

Definition 6.6. The operational pre-order on the $\partial_0\lambda$-calculus is defined as follows (for
all $M, N \in \Lambda^r$):

$M \sqsubseteq_o N \iff \forall D(\!|\cdot|\!) \in \Lambda^r_{(\!|\cdot|\!)}$ closing $M, N$ ($D(\!|M|\!)$ is solvable $\Rightarrow$ $D(\!|N|\!)$ is solvable).
We set $M \approx_o N$ if and only if $M \sqsubseteq_o N$ and $N \sqsubseteq_o M$.

Let us consider the restriction of the preorder $\sqsubseteq_{\mathcal{O}}$ (see Definition 3.28) to the terms
of the $\partial_0\lambda$-calculus (without tests). Theorem 5.11 shows that for all terms $M, N$ of the
$\partial_0\lambda$-calculus (without tests) we have $[\![M]\!]_{\vec{x}} \subseteq [\![N]\!]_{\vec{x}} \iff M \sqsubseteq_{\mathcal{O}} N$. Later in this section
(Theorem 6.14) we will prove that $[\![M]\!]_{\vec{x}} \subseteq [\![N]\!]_{\vec{x}} \iff M \sqsubseteq_o N$. Hence the preorder $\sqsubseteq_{\mathcal{O}}$
coincides, on the test-free language, with $\sqsubseteq_o$. This is an a fortiori justification of Definition
6.6, which was anyway supported by the intuition that solvable $\partial_0\lambda$-terms are a kind of
arenas over which the solvability game can be successfully played and simulated by the
throw/catch game of the test constructions.

6.3. Full Abstraction via Test Expansion. As mentioned in Section 3, the term $\bar\tau(V)$
roughly corresponds to $V$ preceded by an infinite sequence of dummy $\lambda$-abstractions; dually,
the test $\tau[L_1]|\cdots|\tau[L_k]$ corresponds to providing each $L_i$ with an infinite sequence of empty
bags. (This is also clear from the reduction rules ($\bar\tau$) and ($\tau$).) In this section we show that
the infinite nature of these sequences is not essential in the $\partial_0\lambda$-calculus. Roughly speaking,
one can find an $n$ such that $\lambda x_1\dots x_n.V$ has the same behaviour of $\bar\tau(V)$ and $n_i$'s such that
each $L_i[\,]^{\sim n_i}$ has the same behaviour of $\tau[L_i]$. The parallel composition $V = V_1|\cdots|V_k$ can
be simulated in the $\partial_0\lambda$-calculus by $M = \lambda x.x[V_1,\dots,V_k]$ in the sense that $V$ converges iff
each $V_i$ converges and, similarly, $M$ is solvable iff each $V_i$ is solvable.

We then define a test-expansion (Definition 6.10), from terms of the $\partial_0\lambda$-calculus with
tests to test-free terms, formalizing this intuition. In order to expand the correct number
of times the occurrences of $\bar\tau$ and of the elements of a test, we first need to "name" each
occurrence in a different way. For this reason we label such occurrences with pairwise
distinct indices.

Definition 6.7. A labelled expression $A$ is an expression of the $\partial_0\lambda$-calculus with tests such
that every occurrence of a $\bar\tau$ and every element of a test have been decorated with distinct
natural numbers (called indices). We denote by $(\Lambda^r)^{lab}$, $(\Lambda^b)^{lab}$, $(\Lambda^\tau)^{lab}$, $(\Lambda^e)^{lab}$, $(\Lambda^r_{(\!|\cdot|\!)})^{lab}$
the set of labelled terms, labelled bags, labelled tests, labelled expressions, labelled term-contexts,
respectively.

Let $\mathbb{A} \in \mathbf{2}\langle(\Lambda^e)^{lab}\rangle$ be a sum of labelled expressions. We write A for its underlying
expression; in other words A is obtained stripping off all indices from $\mathbb{A}$. We write $\mathrm{dom}(\mathbb{A})$
for the set of indices occurring in $\mathbb{A}$. Note that the domains of two summands $A, A' \in \mathbb{A}$
may have a non-empty intersection.

Example 6.8.

1. $M = \lambda xy.\bar\tau_1(\tau[(\mathbf{I})_2,(x)_3,(y[\bar\tau_5(\tau[\,])])_4])$ is a labelled term. Its domain is $\mathrm{dom}(M) = \{1,2,3,4,5\}$
and its underlying term is M = $\lambda xy.\bar\tau(\tau[\mathbf{I},x,y[\bar\tau(\tau[\,])]])$.

2. $\mathbf{I}$ is a labelled term because it does not contain any occurrence of $\tau$ nor $\bar\tau$. In this case
we have $\mathrm{dom}(\mathbf{I}) = \emptyset$ and I = $\mathbf{I}$.

3. $\lambda x.\bar\tau_1(\tau[(x)_2,(x)_3,(\mathbf{I})_1])$ is not a labelled term, because the labels of $\bar\tau$ and of $\mathbf{I}$ are both 1
(they are not distinct).

4. $V = \tau[(\mathbf{I})_2,(\mathbf{D})_5,(\bar\tau_7(\tau[(\mathbf{I})_{11}]))_{13}]$ is a labelled test. Its domain is $\mathrm{dom}(V) = \{2,5,7,11,13\}$
and its underlying test is V = $\tau[\mathbf{I},\mathbf{D},\bar\tau(\tau[\mathbf{I}])]$.

5. $P = [\lambda x.\bar\tau_1(\tau[(x)_2]),\mathbf{D}]$ is a labelled bag. Its domain is $\mathrm{dom}(P) = \{1,2\}$ and its underlying
bag is P = $[\lambda x.\bar\tau(\tau[x]),\mathbf{D}]$.

6. $\mathbb{M} = \lambda x.\bar\tau_3(\tau[(x)_1]) + \lambda x.\bar\tau_3(\tau[(x)_1,(x)_2])$ is a sum of labelled terms. Its domain is
$\mathrm{dom}(\mathbb{M}) = \{1,2,3\}$ and its underlying sum of terms is M = $\lambda x.\bar\tau(\tau[x]) + \lambda x.\bar\tau(\tau[x,x])$.

From (2) we note that A = $A$ for all test-free labelled expressions. From (5) we note that
in a labelled bag the labels actually occur within its elements.

Definition 6.9. The reduction semantics for labelled expressions is inherited straightforwardly
from the $\partial_0\lambda$-calculus with tests. In the $\beta$-rule, the terms are substituted together
with their indices.

Since there is no duplication during the reduction, if $A$ is a labelled expression reducing
to $\mathbb{A}$ then $\mathbb{A}$ is a sum of labelled expressions (that is, all the indices occurring within each
$A \in \mathbb{A}$ are pairwise distinct).

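Definition 6.10. Let $A \in (\Lambda^e)^{lab}$ be a labelled expression and $\ell$ be a function from $\mathbb{N}$ to
$\mathbb{N}$. The $\ell$-expansion $A^\ell$ of $A$ is an expression of the $\partial_0\lambda$-calculus without tests, defined by
induction on $A$ as follows:

$x^\ell = x$, $(\lambda x.M)^\ell = \lambda x.M^\ell$, $(MP)^\ell = M^\ell P^\ell$,

$[L_1,\dots,L_k]^\ell = [L_1^\ell,\dots,L_k^\ell]$, $(\bar\tau_i(V))^\ell = \lambda x_1\dots x_{\ell(i)}.V^\ell$ where $\vec{x} \notin \mathrm{FV}(V^\ell)$,

$(\tau[(L_1)_{i_1},\dots,(L_k)_{i_k}])^\ell = \lambda x.x[L_1^\ell[\,]^{\sim\ell(i_1)},\dots,L_k^\ell[\,]^{\sim\ell(i_k)}]$ where $x \notin \mathrm{FV}(\vec{L}^\ell)$.

In particular $\varepsilon^\ell = \lambda x.x[\,]$ for all $\ell$. This is extended to sums by setting $(\sum_i A_i)^\ell = \sum_i A_i^\ell$
and to contexts by setting $(\!|\cdot|\!)^\ell = (\!|\cdot|\!)$.

Obviously, for all test-free labelled expressions $A$ we have $A^\ell = A$ for all $\ell$.

Remark 6.11.

1. For all labelled test-contexts $C(\!|\cdot|\!) \in (\Lambda^\tau_{(\!|\cdot|\!)})^{lab}$ and labelled terms $M \in (\Lambda^r)^{lab}$ we have
$(C(\!|M|\!))^\ell = C^\ell(\!|M^\ell|\!)$ for any $\ell$.

2. For all labelled expressions $A \in (\Lambda^e)^{lab}$, if $\ell\restriction\mathrm{dom}(A) = \ell'\restriction\mathrm{dom}(A)$ then $A^\ell = A^{\ell'}$.

3. In general, $A \to B$ does not entail $A^\ell \twoheadrightarrow_\beta B^\ell$. For instance, let $A = \tau[(\bar\tau_1(\varepsilon))_2,(\mathbf{I})_3]$
and $B = \tau[(\mathbf{I})_3]$; obviously $A \to_\gamma B$ while, if $\ell_0$ is the constant function with value 0, we
have $A^{\ell_0} = \lambda x.x[\lambda z.z[\,],\mathbf{I}]$, $B^{\ell_0} = \lambda x.x[\mathbf{I}]$ and $A^{\ell_0} \not\twoheadrightarrow_\beta B^{\ell_0}$.

The proofs of the following lemmas are given in the technical Appendix A.

Lemma 6.12. Let $\mathbb{V} \in \mathbf{2}\langle(\Lambda^\tau)^{lab}\rangle$ be a sum of labelled closed tests. If $\mathbb{V} \twoheadrightarrow \varepsilon$ then there
exists a map $\ell : \mathbb{N} \to \mathbb{N}$ such that $\mathbb{V}^{(\ell+k)}$ is solvable for all $k \in \mathbb{N}$.

Lemma 6.13. Let $\mathbb{V} \in \mathbf{2}\langle(\Lambda^\tau)^{lab}\rangle$ be a sum of labelled closed tests. If $\mathbb{V} \twoheadrightarrow 0$ then there
exists a natural number $k$ such that $\mathbb{V}^{(\ell+k)} \twoheadrightarrow_\beta 0$ for all $\ell : \mathbb{N} \to \mathbb{N}$.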

We are now ready to state and prove the main theorem of this section, from which
immediately follows the equational full abstraction result for the $\partial_0\lambda$-calculus.

Theorem 6.14. $\mathcal{D}$ is inequationally fully abstract for the $\partial_0\lambda$-calculus (for all $M, N \in \Lambda^r$):

$[\![M]\!]_{\vec{x}} \subseteq [\![N]\!]_{\vec{x}} \iff M \sqsubseteq_o N$

Proof. ($\Rightarrow$) Assume that $[\![M]\!]_{\vec{x}} \subseteq [\![N]\!]_{\vec{x}}$, and let $D(\!|\cdot|\!) \in \Lambda^r_{(\!|\cdot|\!)}$ be a context closing both $M$
and $N$ and such that $D(\!|M|\!)$ is solvable. From the characterization of solvability given
in Theorem 6.5 we have $D(\!|M|\!) \twoheadrightarrow_\beta M' + \mathbb{M}$ for some $M' \in \Lambda^r$ in normal form and $\mathbb{M} \in \mathbf{2}\langle\Lambda^r\rangle$.
By Theorem 4.12, $[\![D(\!|M|\!)]\!] = [\![M']\!] \cup [\![\mathbb{M}]\!]$ which is different from $\emptyset$ by Theorem 6.5.
By monotonicity of the interpretation we get $[\![D(\!|M|\!)]\!] \subseteq [\![D(\!|N|\!)]\!]$, thus $[\![D(\!|N|\!)]\!] \neq \emptyset$. By
Theorem 6.5 this entails that $D(\!|N|\!)$ is solvable too.

($\Leftarrow$) Suppose, by the way of contradiction, that $M \sqsubseteq_o N$ holds but there is an element
$(\vec{a}, \alpha) \in [\![M]\!]_{\vec{x}} - [\![N]\!]_{\vec{x}}$. By Proposition 5.10 the test-context $C(\!|\cdot|\!) = \alpha^+(\!|(\lambda\vec{x}.(\!|\cdot|\!))\vec{a}^-|\!)$ is such
that $C(\!|M|\!) \twoheadrightarrow \alpha^+(\!|M\langle\vec{a}^-/\vec{x}\rangle|\!) \twoheadrightarrow \varepsilon$ and $C(\!|N|\!) \not\twoheadrightarrow \varepsilon$ (therefore $C(\!|N|\!) \twoheadrightarrow 0$ by Lemma 3.23).
Let $C'(\!|\cdot|\!) \in (\Lambda^\tau_{(\!|\cdot|\!)})^{lab}$ such that $C'(\!|\cdot|\!) = C(\!|\cdot|\!)$. By Lemma 6.12 there exists $\ell$ such that
$(C'(\!|M|\!))^{(\ell+k')}$ is solvable for every $k' \in \mathbb{N}$. By Lemma 6.13 there exists $k \in \mathbb{N}$ such that
$(C'(\!|N|\!))^{(\ell+k)}$ is unsolvable. From Remark we get $(C'(\!|M|\!))^{(\ell+k)} = C'^{(\ell+k)}(\!|M^{(\ell+k)}|\!)$
and $(C'(\!|N|\!))^{(\ell+k)} = C'^{(\ell+k)}(\!|N^{(\ell+k)}|\!)$. Since $M, N$ are test-free we have $M^{(\ell+k)} = M$ and
$N^{(\ell+k)} = N$. We conclude because we found a term-context $C'^{(\ell+k)}$ such that $C'^{(\ell+k)}(\!|M|\!)$
is solvable and $C'^{(\ell+k)}(\!|N|\!)$ is unsolvable, which is a contradiction. □

Corollary 6.15. $\mathcal{D}$ is equationally fully abstract for the $\partial_0\lambda$-calculus.

Remark 6.16. A direct proof of Corollary 6.15 might be obtained exploiting a corollary of
the Böhm Theorem for the $\partial\lambda$-calculus proved in [21]. We preferred to provide this proof
based on test-expansion because it clarifies the behaviours of our test operators and works
also in the inequational case.

The rest of the paper is devoted to extend the full abstraction results of Subsection 5.2
to the $\partial\lambda$-calculus with tests. The main ingredients will be the head reduction introduced
in Subsection 7.5 and the Taylor expansion we define in Subsection 8.1.



7. The $\partial\lambda$-Calculus with Tests

The $\partial\lambda$-calculus with tests is an extension of the $\partial_0\lambda$-calculus with tests with a promotion
operator available on resources. In this calculus a resource can be linear (it must be used
exactly once) or not (it can be used ad libitum) and in the latter case it is decorated with
a "!" superscript.

7.1. Syntax. The grammar generating the terms, the tests and the expressions of the $\partial\lambda$-calculus
with tests, is given in Figure 4(a). Note that such grammar is equal to the one for
the $\partial_0\lambda$-calculus with tests (in particular tests are still plain multisets of linear resources)
except for the rule concerning bags which becomes:

$P ::= [L_1,\dots,L_k,\mathbb{N}^!]$    bags

where $\mathbb{N}$ is a finite sum of terms of this new syntax. We write $\Lambda^r_!$ for the set of terms
generated by this new grammar, $\Lambda^\tau_!$ for the set of tests, $\Lambda^b_!$ for the set of bags, $\Lambda^e_!$ for the
set of expressions.

It should be clear that from now on bags are no more plain multisets of terms: they
are compound objects, consisting of a multiset of terms $[L_1,\dots,L_k]$ and a sum of terms
$\mathbb{N}$, denoted as $[L_1,\dots,L_k,\mathbb{N}^!]$. We shall deal with them as if they were multisets, defining
union by $[L_1,\dots,L_k,\mathbb{N}^!] \uplus [L_{k+1},\dots,L_n,\mathbb{M}^!] := [L_1,\dots,L_n,(\mathbb{N}+\mathbb{M})^!]$. This operation is
commutative, associative and has $[0^!]$ as neutral element.

Remark 7.1. The $\partial_0\lambda$-calculus with tests is the sub-calculus of the $\partial\lambda$-calculus with tests
in which all bags have the shape $[L_1,\dots,L_k,0^!]$, and this identification is compatible with
the reduction rules.

As in the $\partial_0\lambda$-calculus with tests, we extend this syntax by multilinearity to sums of
expressions with the only exception that the bag $[L_1,\dots,L_k,(\mathbb{N}+\mathbb{M})^!]$ is not required to
be equal to $[L_1,\dots,L_k,\mathbb{N}^!] + [L_1,\dots,L_k,\mathbb{M}^!]$. The intuition is that in the first expression
$\mathbb{N}+\mathbb{M}$ can be used several times and each time one can choose non-deterministically $\mathbb{N}$ or $\mathbb{M}$,
whereas in the second expression one has to choose once and for all one of the summands,
and then use it as many times as needed.
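
The $\partial\lambda$-calculus with tests

$\Lambda^r_!$:  $M, N, L, H ::= x \mid \lambda x.M \mid MP \mid \bar\tau(V)$    terms
$\Lambda^b_!$:  $P, Q ::= [L_1,\dots,L_k,\mathbb{M}^!]$    bags
$\Lambda^\tau_!$:  $V, W ::= \tau[L_1,\dots,L_k]$    tests
$\Lambda^e_!$:  $A, B ::= M \mid V \mid P$    expressions

$\mathbb{M}, \mathbb{N}, \mathbb{L}, \mathbb{H} \in \mathbf{2}\langle\Lambda^r_!\rangle$    sums of terms
$\mathbb{P}, \mathbb{Q} \in \mathbf{2}\langle\Lambda^b_!\rangle$    sums of bags
$\mathbb{V}, \mathbb{W} \in \mathbf{2}\langle\Lambda^\tau_!\rangle$    sums of tests
$\mathbb{A}, \mathbb{B} \in \mathbf{2}\langle\Lambda^e_!\rangle := \mathbf{2}\langle\Lambda^r_!\rangle \cup \mathbf{2}\langle\Lambda^b_!\rangle \cup \mathbf{2}\langle\Lambda^\tau_!\rangle$    sums of expr.

(a) Grammar of terms, bags, tests, expressions, sums.

Linear Substitution (New Rule)

$[L_1,\dots,L_k,\mathbb{N}^!]\langle N/x\rangle = \sum_{i=1}^{k}[L_1,\dots,L_i\langle N/x\rangle,\dots,L_k,\mathbb{N}^!] + [L_1,\dots,L_k,\mathbb{N}\langle N/x\rangle,\mathbb{N}^!]$

(b) Linear Substitution.

Reduction Semantics (New Rules)

$(\lambda x.M)[L_1,\dots,L_k,\mathbb{N}^!] \to_\beta M\langle[L_1,\dots,L_k]/x\rangle\{\mathbb{N}/x\}$,

$\bar\tau(V)[L_1,\dots,L_k,\mathbb{N}^!] \to_{\bar\tau} \bar\tau(V)$ if $k = 0$, and $0$ otherwise.

(c) Reduction rules. In the ($\beta$) rule we assume wlog $x \notin \mathrm{FV}([L_1,\dots,L_k])$.

Context Closure (New Rule)

if $M \mathrel{R} \mathbb{M}$ then $[(M+\mathbb{N})^!] \uplus P \mathrel{R} [(\mathbb{M}+\mathbb{N})^!] \uplus P$

(d) Context closure of a relation $R \subseteq \Lambda^e_! \times \mathbf{2}\langle\Lambda^e_!\rangle$.

Figure 4: Syntax, notations and reduction semantics of the $\partial\lambda$-calculus with tests.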

7.2. Substitutions. Linear substitution is denoted and defined as in the $\partial_0\lambda$-calculus with
tests (Figure 2(b)), except of course for bags, where we use the rule of Figure 4(b). Linear
substitution is extended to sums, as in $\mathbb{A}\langle\mathbb{N}/x\rangle$, by bilinearity in both $\mathbb{A}$ and $\mathbb{N}$.

Remark 7.2. In the !-free case, that is when $\mathbb{N} = 0$, the above definitions and notations
agree with those introduced in Subsection 3.4, because in that case we have

$[L_1,\dots,L_k,\mathbb{N}\langle N/x\rangle,\mathbb{N}^!] = 0$,

since $0\langle N/x\rangle = 0$.

We also define the regular substitution $A\{\mathbb{N}/x\}$ for the $\partial\lambda$-calculus with tests, by simply
replacing each occurrence of $x$ in the expression $A$ with $\mathbb{N}$; in that way we get an expression
of the extended syntax, since $\mathbb{N}$ is a sum in general. This operation is then extended to
sums, as in $\mathbb{A}\{\mathbb{N}/x\}$, by linearity in $\mathbb{A}$.

Example 7.3.

1. $(y[x^!])\langle z/x\rangle = y[z,x^!]$,

2. $(y[x,0^!])\langle z/x\rangle = y[z,0^!]$,

3. $(y[(x+z)^!])\langle z/x\rangle = y[z,(x+z)^!]$,

4. $(y[x,x^!])\langle z/x\rangle = y[z,x^!] + y[x,z,x^!]$,

5. $(x[x^!])\langle y/x\rangle\langle z/x\rangle = y[z,x^!] + z[y,x^!] + x[y,z,x^!]$,

6. $(x[x^!])\langle(y+z)/x\rangle = y[x^!] + z[x^!] + x[y,x^!] + x[z,x^!]$,

7. $(y[x,x^!])\{(y+z)/x\} = y[y,(y+z)^!] + y[z,(y+z)^!]$,

8. $(x[x^!])\{(y+z)/x\} = y[(y+z)^!] + z[(y+z)^!]$,

9. $(x[x,x^!])\{(y+z)/x\} = y[y,(y+z)^!] + y[z,(y+z)^!] + z[y,(y+z)^!] + z[z,(y+z)^!]$.
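
The following sketch is an added illustration, not code from the paper: it implements the bag rule of Figure 4(b) together with regular substitution on test-free expressions, so that the items of Example 7.3 can be recomputed mechanically. The tuple encoding and the names `lsub`, `lsub_sum`, `rsub`, `bag`, `show` and `shown` are assumptions of the sketch, and bound variables are assumed distinct from the free variables of the substituted terms.

```python
from itertools import product

# Expressions (tests are left out of this sketch):
#   ("var", x) | ("lam", x, M) | ("app", M, P) | ("bag", linear, bang)
# linear: tuple of terms (a multiset); bang: tuple of terms, read as the sum N under "!".
# A sum of expressions is a frozenset, since sums are idempotent; 0 is the empty set.

def show(e):
    """Canonical printed form, also used to keep multisets in a fixed order."""
    if e[0] == "var":
        return e[1]
    if e[0] == "lam":
        return "\\" + e[1] + "." + show(e[2])
    if e[0] == "app":
        head = show(e[1])
        return (head if e[1][0] == "var" else "(" + head + ")") + show(e[2])
    items = [show(l) for l in e[1]]
    if len(e[2]) == 1 and e[2][0][0] == "var":
        items.append(show(e[2][0]) + "!")
    elif e[2]:
        items.append("(" + "+".join(show(n) for n in e[2]) + ")!")
    return "[" + ",".join(items) + "]"          # an empty bang part (0!) is not printed

def var(x): return ("var", x)
def lam(x, m): return ("lam", x, m)
def app(m, p): return ("app", m, p)

def bag(linear=(), bang=()):
    return ("bag", tuple(sorted(linear, key=show)),
            tuple(sorted(set(bang), key=show)))

def lsub(e, n, x):
    """Linear substitution e<n/x> of one term n; returns a sum (frozenset)."""
    if e[0] == "var":
        return frozenset([n]) if e[1] == x else frozenset()
    if e[0] == "lam":
        if e[1] == x:                            # x is bound here: no free occurrence
            return frozenset()
        return frozenset(lam(e[1], m) for m in lsub(e[2], n, x))
    if e[0] == "app":                            # (MP)<n/x> = M<n/x>P + M(P<n/x>)
        return (frozenset(app(m, e[2]) for m in lsub(e[1], n, x)) |
                frozenset(app(e[1], p) for p in lsub(e[2], n, x)))
    linear, bang = e[1], e[2]
    out = set()
    for i, l in enumerate(linear):               # substitute inside one linear resource
        rest = linear[:i] + linear[i + 1:]
        out |= {bag(rest + (l2,), bang) for l2 in lsub(l, n, x)}
    for b in bang:                               # or extract one linear copy from N^!
        out |= {bag(linear + (b2,), bang) for b2 in lsub(b, n, x)}
    return frozenset(out)

def lsub_sum(A, N, x):
    """Extension to sums, bilinear in both arguments."""
    return frozenset(r for a in A for n in N for r in lsub(a, n, x))

def rsub(e, N, x):
    """Regular substitution e{N/x} of a sum N (iterable of terms); returns a sum."""
    if e[0] == "var":
        return frozenset(N) if e[1] == x else frozenset([e])
    if e[0] == "lam":
        if e[1] == x:
            return frozenset([e])
        return frozenset(lam(e[1], m) for m in rsub(e[2], N, x))
    if e[0] == "app":
        return frozenset(app(m, p) for m in rsub(e[1], N, x)
                         for p in rsub(e[2], N, x))
    linear, bang = e[1], e[2]
    new_bang = [b2 for b in bang for b2 in rsub(b, N, x)]   # the sum stays under "!"
    choices = [rsub(l, N, x) for l in linear]               # linear positions distribute
    return frozenset(bag(pick, new_bang) for pick in product(*choices))

def shown(A):
    return {show(a) for a in A}

if __name__ == "__main__":
    x, y, z = var("x"), var("y"), var("z")
    print(sorted(shown(rsub(app(x, bag([x], [x])), [y, z], "x"))))   # item 9
```
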

A Schwarz Theorem, analogous to Theorem 3.12, holds for the $\partial\lambda$-calculus with tests.
Hence, given a sum of expressions $\mathbb{A}$ and a bag $P = [L_1,\dots,L_k]$ with $x \notin \mathrm{FV}(P)$, it still
makes sense to set $\mathbb{A}\langle P/x\rangle := \mathbb{A}\langle L_1/x\rangle\cdots\langle L_k/x\rangle$ because this expression does not depend
on the enumeration of $L_1,\dots,L_k$ in $P$. In particular $\mathbb{A}\langle[\,]/x\rangle = \mathbb{A}$.



7.3. Operational semantics. The reduction rules of $\partial\lambda$-calculus extend those of the $\partial_0\lambda$-calculus
with tests in the sense that they are equivalent on !-free expressions.

Definition 7.4. The rules ($\tau$) and ($\gamma$) are exactly the same as the corresponding rules of
the $\partial_0\lambda$-calculus, while the $\beta$-reduction and $\bar\tau$-reduction are rephrased as in Figure 4(c). In
this setting, their contextual closure needs to be closed also under the rule of Figure 4(d).

The $\partial\lambda$-calculus with tests is still Church-Rosser (just adapt the proof in [29]), while
it is no more strongly normalizing. For instance the term $\Omega := \Delta[\Delta^!]$, for $\Delta := \lambda x.x[x^!]$,
has an infinite reduction chain, just like the paradigmatic homonymous unsolvable $\lambda$-term.
Indeed, the usual $\lambda$-calculus can be embedded into the $\partial\lambda$-calculus with tests by translating
every application $MN$ into $M[N^!]$.

Remark 7.5. Reductions in the $\partial\lambda$-calculus with tests may be tricky, due to the combination
of linear and non linear resources and substitutions. For instance, we can obtain eight
$\Omega$-like terms of the $\partial\lambda$-calculus with tests, of the form $M[N^{(!)}]$ where $M, N \in \{\mathbf{D}, \Delta\}$ and
(!) denotes the optional presence of the promotion. Not surprisingly all these terms, except
for $\Omega$, reduce to 0. E.g., $\mathbf{D}[\Delta^!] \to_\beta \Delta[\Delta] \to_\beta \Delta[\Delta,0^!] \to_\beta \Delta[0^!] + 0[\Delta,0^!] \to_\beta 0$.

Here are some other examples of reductions, involving tests.

Example 7.6.

1. $(\lambda x.\bar\tau(\varepsilon)[x^!])[\mathbf{I},0^!] \to_\beta \bar\tau(\varepsilon)[x^!]\langle[\mathbf{I}]/x\rangle\{0/x\} = \bar\tau(\varepsilon)[\mathbf{I},0^!] \to_{\bar\tau} 0$,

2. $(\lambda x.\bar\tau(\varepsilon)[x^!])[\mathbf{I},0^!] \to_{\bar\tau} (\lambda x.\bar\tau(\varepsilon))[\mathbf{I},0^!] \to_\beta \bar\tau(\varepsilon)\langle[\mathbf{I}]/x\rangle\{0/x\} = 0$,

3. $(\lambda x.\bar\tau(\varepsilon)[x^!])[\mathbf{I}^!] \to_\beta \bar\tau(\varepsilon)[x^!]\{\mathbf{I}/x\} = \bar\tau(\varepsilon)[\mathbf{I}^!] \to_{\bar\tau} \bar\tau(\varepsilon)$,

4. $(\lambda x.\bar\tau(\varepsilon)[x^!])[\mathbf{I}^!] \to_{\bar\tau} (\lambda x.\bar\tau(\varepsilon))[\mathbf{I}^!] \to_\beta \bar\tau(\varepsilon)\{\mathbf{I}/x\} = \bar\tau(\varepsilon)$.

In this framework a test-context $C(\!|\cdot|\!)$ (resp. term-context $D(\!|\cdot|\!)$) is a test (resp. term) of
the $\partial\lambda$-calculus with tests having a single occurrence of its hole, appearing in term-position.

Definition 7.7. Term-contexts $D(\!|\cdot|\!)$ and test-contexts $C(\!|\cdot|\!)$ are defined by the following
grammar:

$D(\!|\cdot|\!) ::= (\!|\cdot|\!) \mid \lambda x.D \mid DP \mid M[D,\vec{L},\mathbb{N}^!] \mid M[\vec{L},(D+\mathbb{N})^!] \mid \bar\tau(C)$

$C(\!|\cdot|\!) ::= \tau[D,\vec{L}]$

The set of term-contexts is denoted by $\Lambda^r_{!(\!|\cdot|\!)}$ and the set of test-contexts is denoted by $\Lambda^\tau_{!(\!|\cdot|\!)}$.

Definition 7.8. A test $V$ converges, notation $V{\downarrow}$, if there exists a (possibly empty) sum
$\mathbb{V}$ such that $V \twoheadrightarrow \varepsilon + \mathbb{V}$.

Convergence should not be confused with normalization. Note that Definition 7.8 is
the natural extension of Definition 3.25 in presence of promotion; $\varepsilon$ and $0$ are not the only
possible "outcomes" of closed tests because there are looping terms that may never interact
with an outer cork $\tau[\,]$. That case represents "failure", i.e., a scenario where there is no
possible sequence of choices (among summands of terms resulting from reduction) leading
to the positive test $\varepsilon$.

Definition 7.9. The operational pre-order $\sqsubseteq_{\mathcal{O}}$ on the $\partial\lambda$-calculus with tests is defined by:

$M \sqsubseteq_{\mathcal{O}} N \iff \forall C(\!|\cdot|\!) \in \Lambda^\tau_{!(\!|\cdot|\!)}$ closing $M, N$ ($C(\!|M|\!){\downarrow} \Rightarrow C(\!|N|\!){\downarrow}$).
We then set $M \approx_{\mathcal{O}} N$ iff $M \sqsubseteq_{\mathcal{O}} N$ and $N \sqsubseteq_{\mathcal{O}} M$.



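7.4. Relational semantics. The $\partial\lambda$-calculus with tests can be interpreted into $\mathcal{D}$ by extending
the interpretation of the $\partial_0\lambda$-calculus with tests given in Subsection 4.3 as follows:

$[\![[L_1,\dots,L_k,\mathbb{N}^!]]\!]_{\vec{x}} = \{(\uplus_{r=1}^{k+m}\vec{a}_r, [\beta_1,\dots,\beta_{k+m}]) \mid (\vec{a}_j,\beta_j) \in [\![L_j]\!]_{\vec{x}},\ 1 \le j \le k$ and
$(\vec{a}_i,\beta_i) \in [\![\mathbb{N}]\!]_{\vec{x}},\ k < i \le k+m,\ m \ge 0\}$.

The following are examples of interpretations. As shown in (4) below, interpreting the non
linear resource $\mathbb{N}^!$ in $P = [\vec{L},\mathbb{N}^!]$ boils down to choosing an arbitrary number of elements of
$[\![\mathbb{N}]\!]$, whereas exactly one element of each $[\![L_i]\!]$ is required.

Example 7.10.

1. $[\![\Delta]\!] = \{([a :: \alpha] \uplus a) :: \alpha \mid a \in \mathcal{M}_f(\mathcal{D}), \alpha \in \mathcal{D}\}$.

2. $[\![\Omega]\!] = \emptyset$. Indeed, $\alpha \in [\![\Omega]\!]$ iff there exist $k \ge 0$ and $\alpha_1,\dots,\alpha_k \in [\![\Delta]\!]$ such that
$[\alpha_1,\dots,\alpha_k] :: \alpha \in [\![\Delta]\!]$. We prove by induction on $k$ that this is never satisfied. If
$k = 1$ then by (1) $[\alpha_1] :: \alpha \in [\![\Delta]\!]$ entails $\alpha_1 = [\,] :: \alpha$ and it is easy to check that
$\alpha_1 \notin [\![\Delta]\!]$. Otherwise, if $k > 1$, $[\alpha_1,\dots,\alpha_k] :: \alpha \in [\![\Delta]\!]$ and each $\alpha_j \in [\![\Delta]\!]$ then, for some
$j$, $\alpha_j = [\alpha_1,\dots,\alpha_{j-1},\alpha_{j+1},\dots,\alpha_k] :: \alpha \in [\![\Delta]\!]$ and we are done by induction hypothesis.

3. $[\![\mathbf{D}[\mathbf{I}^!]]\!] = \{[\gamma] :: \gamma \mid \gamma \in \mathcal{D}\}$ since $[\alpha] :: \beta, \alpha \in [\![\mathbf{I}]\!]$ entails $\beta = \alpha = [\gamma] :: \gamma$, for some $\gamma \in \mathcal{D}$;
conversely, for any $\gamma \in \mathcal{D}$, both $[\gamma] :: \gamma$ and $[[\gamma] :: \gamma] :: [\gamma] :: \gamma$ belong to $[\![\mathbf{I}]\!]$.

4. $[\![[\mathbf{D},\mathbf{I}^!]]\!] = \{[[[\alpha] :: \beta, \alpha] :: \beta, [\alpha_1] :: \alpha_1,\dots,[\alpha_k] :: \alpha_k] \mid \alpha, \beta, \alpha_1,\dots,\alpha_k \in \mathcal{D}$ for $k \in \mathbb{N}\}$.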

The comparison between [D] (Example jlTpj)) and [A] (item 0) gives a grasp on the 
semantic counterpart of non-linearity. 

It is easy to check that both the linear and the classic substitution lemmas generalize
to this context. While we can keep the same statement for Lemma 4.11, Lemma 4.10 must
be rephrased as follows (indeed, $\deg_x(M)$, $\deg_x(V)$ are undefined when $M, V$ contain non
linear resources).

Lemma 7.11 (Linear Substitution Lemma). Let $M, L_1,\dots,L_k \in \Lambda^r_!$, $Q \in \Lambda^\tau_!$ and $P =
[L_1,\dots,L_k]$ (with $y \notin \mathrm{FV}(P)$). Then we have:

(i) $((\vec{a}, b), \alpha) \in [\![M\langle P/y\rangle]\!]_{\vec{x},y}$ iff there exist $(\vec{a}_i, \beta_i) \in [\![L_i]\!]_{\vec{x}}$ (for $i = 1,\dots,k$) and $\vec{a}_0 \in
\mathcal{M}_f(\mathcal{D})^n$ and $b \in \mathcal{M}_f(\mathcal{D})$ such that $((\vec{a}_0, [\beta_1,\dots,\beta_k] \uplus b), \alpha) \in [\![M]\!]_{\vec{x},y}$ and $\uplus_{i=0}^{k}\vec{a}_i = \vec{a}$.

(ii) $(\vec{a}, b) \in [\![Q\langle P/y\rangle]\!]_{\vec{x},y}$ if there exist $(\vec{a}_i, \beta_i) \in [\![L_i]\!]_{\vec{x}}$ (for $i = 1,\dots,k$) and $\vec{a}_0 \in \mathcal{M}_f(\mathcal{D})^n$
and $b \in \mathcal{M}_f(\mathcal{D})$ such that $(\vec{a}_0, [\beta_1,\dots,\beta_k] \uplus b) \in [\![Q]\!]_{\vec{x},y}$ and $\uplus_{i=0}^{k}\vec{a}_i = \vec{a}$. □

From these lemmas it ensues that $\mathcal{D}$ is also a model of the $\partial\lambda$-calculus with tests.

Theorem 7.12. $\mathcal{D}$ is a model of $\partial\lambda$-calculus with tests. □



7.5. Head Reduction. We now provide a notion of head reduction for the $\partial\lambda$-calculus
with tests. Intuitively, head reduction is obtained by reducing a head redex, that is a
redex occurring in head position in an expression $A$. The main interest of introducing this
reduction strategy is that it "behaves well" with respect to Taylor expansion in the sense
of Proposition 8.6.

The definition of term- and test-redexes is inherited from Definition 3.15. Among these
redexes we distinguish those that are in "head" position.

Definition 7.13. A head redex is defined inductively as follows:

- every test-redex $V$ is a head redex,

- a term-redex $H$ is a head redex in both the term $\lambda\vec{y}.H\vec{P}$ and the test $\tau[H\vec{P}]|V$.

Definition 7.14. We say that $A \to \mathbb{B}$ is a step of head reduction if $\mathbb{B}$ is obtained from $A$
by contracting a head redex. If $A \to \mathbb{B}$ is a step of head reduction then also $A + \mathbb{A} \to \mathbb{B} + \mathbb{A}$
is.

One-step head reduction is denoted by $\to_h$, while $\twoheadrightarrow_h$ indicates its reflexive and transitive
closure.

Remark 7.15. Unlike in ordinary $\lambda$-calculus, an expression $A$ may have more than one
head redex, hence there may be more than one head reduction step starting from $A$.

Head reduction induces a notion of head normal form on (sums of) expressions.

Definition 7.16. An expression $A$ is in head normal form (hnf for short) if there is no $\mathbb{B}$
such that $A \to_h \mathbb{B}$; a sum $\mathbb{A}$ is in hnf if each summand is in hnf.

This notion of head normal form differs from that given by Pagani and Ronchi Della
Rocca in [28]. We keep this name because their definition captures the notion of "outer-normal
form" rather than that of head normal form, and in fact they changed terminology
in [27].

The following lemma gives a characterization of terms and tests in head normal form.

Lemma 7.17.

(i) A term $M$ is in head normal form if and only if either $M := \lambda\vec{x}.y\vec{P}$ or $M := \lambda\vec{x}.\bar\tau(V)$.

(ii) A test $V$ is in head normal form if and only if $V := \tau[x_1\vec{P}_1,\dots,x_n\vec{P}_n]$ for $n \ge 0$.

Proof. By a simple inspection of the shape of head redexes (Definition 7.13). □

The following two lemmas concern reduction properties of promotion-free closed tests.

Lemma 7.18. Let $V \in \Lambda^\tau$. If $V$ is closed and $V \neq \varepsilon$ then it has a head redex (hence,
$V \to_h \mathbb{V}$ for some $\mathbb{V}$).

Proof. By structural induction on $V$. It suffices to consider the case $V = \tau[M]$. We
then proceed by cases on the structure of $M$ (which must be closed). If $M = \lambda x.N$
then $V$ head reduces using ($\tau$). If $M$ is an application then it must be written either as
$M = (\lambda y.N)P_1\cdots P_k$ or as $M = \bar\tau(W)P_1\cdots P_k$ (in both cases $k \ge 1$) and hence $V$ head
reduces using either ($\beta$) or ($\bar\tau$), respectively. If $M = \bar\tau(W)$ then $V$ head reduces using ($\gamma$). □

Lemma 7.19. If $V \in \Lambda^\tau$ is closed then $V \twoheadrightarrow \varepsilon$ (resp. $V \twoheadrightarrow 0$) if and only if $V \twoheadrightarrow_h \varepsilon$ (resp.

Proof. ($\Rightarrow$) Suppose, by contradiction, that $V \twoheadrightarrow \varepsilon$ but $V \not\twoheadrightarrow_h \varepsilon$. By confluence (Theorem
3.22), we cannot have $V \twoheadrightarrow_h 0$. Thus, since $V \in \Lambda^\tau$ is strongly normalizing, the only
way to have $V \not\twoheadrightarrow_h \varepsilon$ is that $V \twoheadrightarrow_h \mathbb{V}$ where $\mathbb{V} \neq \varepsilon$ is in hnf. This is impossible by
Lemma 7.18.

An analogous proof shows that $V \twoheadrightarrow 0$ entails $V \twoheadrightarrow_h 0$.

($\Leftarrow$) Trivial since $\twoheadrightarrow_h \subseteq \twoheadrightarrow$. □

Remark 7.20. One should be careful when trying to extend the above result to terms
$M \in \Lambda^r$. For instance, it is false that $M \twoheadrightarrow 0$ if and only if $M \twoheadrightarrow_h 0$ as shown by this easy
counterexample: the term $M := \lambda x.x[\mathbf{I}[\,]]$ is in hnf but $M \to_\beta \lambda x.x[0] = 0$.

Head reduction will play an essential role in the next section.



8. Full Abstraction via Taylor Expansion

In this section we are going to define the Taylor expansion of terms and tests of the $\partial\lambda$-calculus
with tests. We will then use this expansion, combined with head-reduction, to
generalize the full abstraction results obtained in Subsection 5.2 to the framework of $\partial\lambda$-calculus
with tests.

8.1. Taylor Expansion. The (full) Taylor expansion was first introduced in [11, 12], in
the context of $\lambda$-calculus. The Taylor expansion $M^\circ$ of an ordinary $\lambda$-term $M$ gives an
infinite formal linear combination of terms (equivalently, a set of terms) of the $\partial_0\lambda$-calculus.
In the case of ordinary application it looks like:

$(MN)^\circ = \sum_{n=0}^{\infty} \frac{1}{n!} M[\underbrace{N,\dots,N}_{n \text{ times}}]$

in accordance with the intended meaning and the denotational semantics of application in
the resource calculus. In the syntax of Ehrhard-Regnier's differential $\lambda$-calculus the above
formula looks like $\sum_{n=0}^{\infty} \frac{1}{n!} M^{(n)}(0)(N,\dots,N)$, hence the connection with analytical Taylor
expansion is evident.

Following [21], we extend the definition of Taylor expansion from ordinary $\lambda$-terms to
expressions of the $\partial\lambda$-calculus with tests. Since in our context the sum is idempotent, the
coefficients disappear and our Taylor expansion corresponds to the support of the actual
Taylor expansion.
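
$x^\circ = \{x\}$,
$(\lambda x.M)^\circ = \{\lambda x.M' \mid M' \in M^\circ\}$,
$(MP)^\circ = \{M'P' \mid M' \in M^\circ, P' \in P^\circ\}$,
$(\bar\tau(V))^\circ = \{\bar\tau(V') \mid V' \in V^\circ\}$,
$(\tau[M_1,\dots,M_k])^\circ = \{\tau[M'_1,\dots,M'_k] \mid M'_i \in M_i^\circ$, for $1 \le i \le k\}$,
$[L_1,\dots,L_k,\mathbb{N}^!]^\circ = \{[L'_1,\dots,L'_k] \uplus P \mid L'_i \in L_i^\circ$, for $1 \le i \le k$, $P \in \mathcal{M}_f(\mathbb{N}^\circ)\}$,

Figure 5: The Taylor expansion $\mathbb{A}^\circ$ of $\mathbb{A} \in \mathbf{2}\langle\Lambda^e_!\rangle$.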



As the set $\mathbf{2}\langle\Lambda^e\rangle_\infty$ of possibly infinite formal sums of expressions is isomorphic to $\mathcal{P}(\Lambda^e)$,
in the following we feel free of using sets instead of sums.

Definition 8.1. Let $\mathbb{A} \in \mathbf{2}\langle\Lambda^e_!\rangle$. The (full) Taylor expansion of $\mathbb{A}$ is the set $\mathbb{A}^\circ \subseteq \Lambda^e$ which
is defined (by structural induction on $\mathbb{A}$) in Figure 5.

The following are examples of Taylor expansion of terms and tests.

Example 8.2.

1. $(\lambda x.x[x^!])^\circ = \{\lambda x.x[\underbrace{x,\dots,x}_{n}] \mid n \ge 0\}$,

2. $(\tau[\lambda x.x[x,x^!]])^\circ = \{\tau[\lambda x.x[\underbrace{x,\dots,x}_{n}]] \mid n > 0\}$,

3. $(x[(z[y^!])^!])^\circ = (x[(z[\,] + z[y,y^!])^!])^\circ = \{x[z[y^{n_1}],\dots,z[y^{n_k}]] \mid k, n_1,\dots,n_k \ge 0\}$.

In (1) and (2) we see that the Taylor expansion of an expression $A$ can be infinite. In
(3) we have an example of two different terms sharing the same Taylor expansion.

Convention 8.3. To lighten the notations, we will adopt for infinite sets of expressions
the same abbreviations as introduced for finite sums in Subsection 3.4 (including those for
substitutions).

For instance, if $X, Y \subseteq \Lambda^r$ then $\lambda x.X$ denotes the set $\{\lambda x.M' \mid M' \in X\}$ and $X\langle Y/x\rangle =
\bigcup_{M \in X, N \in Y} M\langle N/x\rangle$.

In [20] it is proved that the Taylor formula holds in MRel. This property entails that
Taylor expansion preserves the meaning of an expression in $\mathcal{D}$, as expressed in the next
theorem.

Theorem 8.4. $[\![\mathbb{A}]\!]_{\vec{x}} = \bigcup_{A' \in \mathbb{A}^\circ} [\![A']\!]_{\vec{x}}$, for all $\mathbb{A} \in \mathbf{2}\langle\Lambda^e_!\rangle$.

Proof. By adapting the proof in [20] of the analogous theorem for the differential $\lambda$-calculus. □

We now need the following technical lemma stating the commutation of Taylor expansion
with respect to ordinary and linear substitutions. The proof is lengthy but not difficult
and is provided in Appendix A. For the sake of readability, in the next statements we use
sums and unions interchangeably.

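Lemma 8.5. Let $A \in \Lambda^e_!$, $N \in \Lambda^r_!$ and $\mathbb{N} \in \mathbf{2}\langle\Lambda^r_!\rangle$. Then, for $x \notin \mathrm{FV}(N) \cup \mathrm{FV}(\mathbb{N})$:

(i) $(A\langle N/x\rangle)^\circ = A^\circ\langle N^\circ/x\rangle$,

(ii) $(A\{\mathbb{N}/x\})^\circ = \bigcup_{P \in \mathcal{M}_f(\mathbb{N}^\circ)} A^\circ\langle P/x\rangle\{0/x\}$.

The next proposition is devoted to show how Taylor expansion interacts with head-reduction.
To ease the formulation of the next proposition we assimilate $\mathbf{2}\langle\Lambda^e_!\rangle$ to $\mathcal{P}_f(\Lambda^e_!)$.

Proposition 8.6. Let $A \in \Lambda^e_!$ and let $A' \in A^\circ$ be such that $A' \to_h \mathbb{B}'$, for some $\mathbb{B}'$. Then
there exists $\mathbb{B}$ such that $A \to_h \mathbb{B}$ and $\mathbb{B}' \subseteq \mathbb{B}^\circ$.

Proof. The idea is that the syntactic tree of $A$ has the same structure as that of $A'$ and we
can define a surjective mapping of the redexes of $A'$ into those of $A$.

We only treat the case $A' = \lambda\vec{x}.H'P'_1\cdots P'_p$ where $H' = (\lambda y.M')P'$ is a head-redex.
From $A' \in A^\circ$ we get $A = \lambda\vec{x}.HP_1\cdots P_p$ for some $H$ such that $H' \in H^\circ$. Hence, supposing
wlog $P' = [\vec{L}',\vec{N}']$, we have that $H = (\lambda y.M)[\vec{L},\mathbb{N}^!]$ where $M' \in M^\circ$, the lengths of
$\vec{L}'$ and $\vec{L}$ coincide, $L'_i \in L_i^\circ$ for all $i$ and $[\vec{N}'] \in \mathcal{M}_f(\mathbb{N}^\circ)$. We now know that $H' \to_h
M'\langle[\vec{L}']/y\rangle\langle[\vec{N}']/y\rangle\{0/y\}$ and $H \to_h M\langle[\vec{L}]/y\rangle\{\mathbb{N}/y\}$. By Lemma $(M\langle[\vec{L}]/y\rangle\{\mathbb{N}/y\})^\circ =
\bigcup_{P \in \mathcal{M}_f(\mathbb{N}^\circ)} M^\circ\langle[\vec{L}^\circ]/y\rangle\langle P/y\rangle\{0/y\} \supseteq M'\langle P'/y\rangle\{0/y\}$.

We can conclude that $\lambda\vec{x}.M'\langle P'/y\rangle\{0/y\}P'_1\cdots P'_p \subseteq (\lambda\vec{x}.M\langle[\vec{L}]/y\rangle\{\mathbb{N}/y\}P_1\cdots P_p)^\circ$.

All other cases are simpler. □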

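Remark 8.7. The above proposition is false for regular $\beta$-reduction. E.g., take $A :=
x[(\mathbf{I}[y])^!]$ and $A' := x[\mathbf{I}[y],\mathbf{I}[y]] \in A^\circ$, then $A' \to_\beta x[y,\mathbf{I}[y]]$ and $A \to_\beta x[y^!]$ but $x[y,\mathbf{I}[y]] \notin
(x[y^!])^\circ$.

Corollary 8.8. Let $\mathbb{A}, \mathbb{B}' \in \mathbf{2}\langle\Lambda^e_!\rangle$. If $\mathbb{A}' \subseteq \mathbb{A}^\circ$ and $\mathbb{A}' \to_h \mathbb{B}'$ then there exists $\mathbb{B}$ such that
$\mathbb{A} \to_h \mathbb{B}$ and $\mathbb{B}' \subseteq \mathbb{B}^\circ$. □

Corollary 8.9. Let $V \in \Lambda^\tau_!$ be a closed test. If there exists a $V' \in V^\circ$ such that $V' \twoheadrightarrow \varepsilon$,
then $V{\downarrow}$.

Proof. Suppose that there exists $V' \in V^\circ$ such that $V' \twoheadrightarrow \varepsilon$. By Lemma 7.19 there is a
head-reduction chain of the form $V' \to_h \mathbb{V}'_1 \to_h \cdots \to_h \mathbb{V}'_n = \varepsilon$. By iterated application of
Corollary 8.8 there are tests $\mathbb{V}_i$ (for $i = 1,\dots,n$) such that $V \to_h \mathbb{V}_1 \to_h \cdots \to_h \mathbb{V}_n$ with
$\mathbb{V}'_i \subseteq \mathbb{V}_i^\circ$. We conclude since $\varepsilon \in \mathbb{V}_n^\circ$ is only possible when $\varepsilon \in \mathbb{V}_n$. □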



8.2. Full Abstraction for the $\partial\lambda$-Calculus with Tests. We are now going to prove
that the relational model $\mathcal{D}$ is inequationally fully abstract for the $\partial\lambda$-calculus with tests.

Lemma 8.10. Given $A \in \Lambda^e_!$ and $M \in \Lambda^r_!$ we have:

(i) $(\alpha^+(\!|M|\!))^\circ = \alpha^+(\!|M^\circ|\!)$, for all $\alpha \in \mathcal{D}$,

(ii) $(A\langle a^-/x\rangle)^\circ = A^\circ\langle a^-/x\rangle$, for all $a \in \mathcal{M}_f(\mathcal{D})$.

Proof. Easy, as $\alpha^+(\!|\cdot|\!)$ and $a^-$ are !-free, and the Taylor expansion $(\cdot)^\circ$ behaves like the
identity on !-free expressions. □
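
Proposition 8.11. Let $M \in \Lambda^r_!$, $\vec{x} \supseteq \mathrm{FV}(M)$, $\alpha \in \mathcal{D}$ and $\vec{a} \in \mathcal{M}_f(\mathcal{D})^n$. Then the following
statements are equivalent:

(i) $(\vec{a}, \alpha) \in [\![M]\!]_{\vec{x}}$,

(ii) $\alpha^+(\!|M\langle\vec{a}^-/\vec{x}\rangle|\!){\downarrow}$.

Proof. (i $\Rightarrow$ ii) Suppose $(\vec{a}, \alpha) \in [\![M]\!]_{\vec{x}}$, then by Theorem there is an $M' \in M^\circ$ such
that $(\vec{a}, \alpha) \in [\![M']\!]_{\vec{x}}$. Applying Proposition 5.10 we know that $\alpha^+(\!|M'\langle\vec{a}^-/\vec{x}\rangle|\!) \twoheadrightarrow \varepsilon$. Now,
since $\alpha^+(\!|M'\langle\vec{a}^-/\vec{x}\rangle|\!) \in (\alpha^+(\!|M\langle\vec{a}^-/\vec{x}\rangle|\!))^\circ$ (by Lemma 8.10), we can apply Corollary 8.9 and
get $\alpha^+(\!|M\langle\vec{a}^-/\vec{x}\rangle|\!){\downarrow}$.

(ii $\Rightarrow$ i) Suppose that $\alpha^+(\!|M\langle\vec{a}^-/\vec{x}\rangle|\!) \twoheadrightarrow \varepsilon + \mathbb{V}$, for some $\mathbb{V}$; then $[\![\alpha^+(\!|M\langle\vec{a}^-/\vec{x}\rangle|\!)]\!] \neq \emptyset$.
Hence, by Theorem 8.4 there is a closed test $V \in (\alpha^+(\!|M\langle\vec{a}^-/\vec{x}\rangle|\!))^\circ$ such that $[\![V]\!] \neq \emptyset$. By
Lemma 8.10 $V = \alpha^+(\!|M'\langle\vec{a}^-/\vec{x}\rangle|\!)$ for some $M' \in M^\circ$ and since its interpretation is non-empty
we have $V \twoheadrightarrow \varepsilon$. By applying Proposition 5.10 we get $(\vec{a}, \alpha) \in [\![M']\!]_{\vec{x}} \subseteq [\![M]\!]_{\vec{x}}$ (by
Theorem 8.4). □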

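Theorem 8.12. $\mathcal D$ is inequationally fully abstract for the $\partial\lambda$-calculus with tests (for all 
$M,N \in \Lambda^r$): 

$$[\![M]\!]_{\vec x} \subseteq [\![N]\!]_{\vec x} \iff M \sqsubseteq_{\mathcal O} N.$$

Proof. ($\Rightarrow$) Suppose that $[\![M]\!]_{\vec x} \subseteq [\![N]\!]_{\vec x}$ and there is a test-context $C(\!|\cdot|\!)$ (closing $M, N$) such 
that $C(\!|M|\!)\downarrow$. Since $C(\!|M|\!) \twoheadrightarrow \varepsilon + \mathbb V$, for some $\mathbb V$, we have $[\![C(\!|M|\!)]\!] \neq \emptyset$. Thus, by monotonicity 
of the interpretation we get $[\![C(\!|M|\!)]\!] \subseteq [\![C(\!|N|\!)]\!]$ and hence $[\![(C(\!|N|\!))^\circ]\!] \neq \emptyset$. By Corollary [3^4] there is 
$V \in (C(\!|N|\!))^\circ$ such that $V \twoheadrightarrow \varepsilon$ and we conclude that $C(\!|N|\!)\downarrow$ by applying Proposition 8.11. 

($\Leftarrow$) Suppose by contradiction that $M \sqsubseteq_{\mathcal O} N$, but there is an $(\vec a,\alpha) \in [\![M]\!]_{\vec x} \setminus [\![N]\!]_{\vec x}$. 
By Proposition 8.11 $\alpha^+(\!|M\langle\vec a^-/\vec x\rangle|\!)\downarrow$ and since $M \sqsubseteq_{\mathcal O} N$ we have $\alpha^+(\!|N\langle\vec a^-/\vec x\rangle|\!)\downarrow$. Again, by 
Proposition 8.11 $(\vec a,\alpha) \in [\![N]\!]_{\vec x}$. Contradiction. □ 

Corollary 8.13. $\mathcal D$ is equationally fully abstract for the $\partial\lambda$-calculus with tests. 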



9. Conclusions and Further Works 

In this paper we defined the interpretation of several resource calculi into the relational 
model $\mathcal D$ and characterized the equality induced on the terms from an operational point 
of view. The analogous question for untyped $\lambda$-calculus was addressed in [19], where it is 
shown that the $\lambda$-theory induced by $\mathcal D$ is $\mathcal H^*$, therefore $\mathcal D$ is fully abstract for $\lambda$-calculus. 

In the first result of our paper we proved that the model $\mathcal D$ is also (in)equationally 
fully abstract for the $\partial_0\lambda$-calculus with tests. Such a proof is simplified by the absence of 
promotion in the calculus, which allows us to work in a strongly normalizing framework. 
The interest of this proof is that it generalizes along two directions. 

The first direction aims to get rid of the tests, while remaining in the promotion-free 
fragment of the calculus. To extend this result to the $\partial_0\lambda$-calculus without tests we defined 
the test-expansion: a translation from tests to terms replacing every occurrence of a test 
operator $\tau$, $\bar\tau$ by a suitable number of empty applications or dummy lambda abstractions. By 
applying this translation to a test-context separating two terms, we obtain a term-context 
having the same discriminatory power. This is not surprising since everything is finite in 
the $\partial_0\lambda$-calculus (finite sums, finite reduction chains), therefore the infinitary nature of our 
test operators can be simulated by terms whose size is big enough. 

The second direction aims to extend the full abstraction result to the $\partial\lambda$-calculus with 
tests (and promotion available on resources). The main contribution of the paper is to show 
that this generalization can be done just by combining the properties of the head reduction 
and of the Taylor Expansion. 

It is worth noticing that the test expansion method cannot be applied in the presence of 
promotion because $\mathcal D$ is not fully abstract for the $\partial\lambda$-calculus; in other words the tests are 
necessary to obtain the last result. This has recently been shown by Breuvart [6], who 
exhibited two terms of the $\partial\lambda$-calculus that are observationally equivalent, but have different 
interpretations in $\mathcal D$. The idea of the counterexample is to build, using fixpoint combinators, 
a term $M$ reducing (eventually) to an infinite sum of terms whose head variable is preceded 
by an increasing number of lambda abstractions. This term is annihilated by the context 
$\tau[(\!|\cdot|\!)[\bar\tau(\varepsilon)]]$ because the operator $\tau$ "eats" all the lambda abstractions and substitutes the 
head-variable of each component of the sum by 0, while we know that the same context 
sends $I$ to $\varepsilon$. The author then proved that no context of the $\partial\lambda$-calculus can simulate this 
behaviour. 

The following table summarizes all these results. The definition of Qq is analogous to 
with the definition of may-solvable given in [28]; the definition of H is the usual one 
given in [25]. 

Calculus                                     Operational Preorder    $\mathcal D$ is fully abstract 

$\partial\lambda$-calculus with tests                                   yes (Thm. 8.12) 
$\partial_0\lambda$-calculus with tests                                 yes (Thm. 5.11) 
$\partial\lambda$-calculus                                              no [6] 
$\partial_0\lambda$-calculus                                            yes (Thm. 6.14) 
$\lambda$-calculus                                                      yes (equationally) [19] 

Breuvart's counterexample raises the problem of finding a model that is actually fully 
abstract for the $\partial\lambda$-calculus without tests. 

Question 9.1. Is there a fully abstract model of $\partial\lambda$-calculus living in the relational 
semantics? 

It is known that the structure of the underlying Cartesian closed category may affect 
the theories of all models living in it. For instance in [20] it is shown that terms having the 
same Taylor expansion are equated in all models living in $\mathbf{MRel}$. It is therefore possible 
that Question 9.1 admits a negative answer. If this is the case, then the following question 
becomes interesting. 

Question 9.2. Is it possible to find a new comonad $T$, such that the (co)Kleisli $\mathbf{Rel}_T$ 
contains a fully abstract model of $\partial\lambda$-calculus? 

Indeed, the comonad $\mathcal M_f(-)$ of finite multisets is not the only one that leads to models 
of $\partial\lambda$-calculus. For instance it has been shown by Carraro, Ehrhard and Salibra in [9] that 
one can consider exponential functors with infinite multiplicities. However, their models 
do not even validate the Taylor expansion, therefore are not suitable to solve Question 9.2. 
The challenge is to find other kinds of comonads. 

Appendix A. Technical Appendix 

This technical appendix is devoted to giving the proofs of some results in the paper. The 
following is an equivalent but slightly more compact version of the linear substitution lemma. 



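Lemma A.1 (Lemma 4.10, Linear Substitution Lemma). Let $M \in \Lambda^r$, $Q \in \Lambda^\tau$ and $P \in \Lambda^b$. 
Then we have: 

(i) $(\vec a,\alpha) \in [\![M\langle P/y\rangle]\!]_{\vec x}$ if and only if $\exists d \in \mathcal M_f(\mathcal D)$, $\exists\vec b,\vec c \in \mathcal M_f(\mathcal D)^n$ such that $((\vec b,d),\alpha) \in [\![M]\!]_{\vec x,y}$, 
$(\vec c,d) \in [\![P]\!]_{\vec x}$, $\vec a = \vec b \uplus \vec c$, and $\#d = \#P = \deg_y(M)$. 

(ii) $\vec a \in [\![Q\langle P/y\rangle]\!]_{\vec x}$ if and only if $\exists d \in \mathcal M_f(\mathcal D)$, $\exists\vec b,\vec c \in \mathcal M_f(\mathcal D)^n$ such that $(\vec b,d) \in [\![Q]\!]_{\vec x,y}$, 
$(\vec c,d) \in [\![P]\!]_{\vec x}$, $\vec a = \vec b \uplus \vec c$, and $\#d = \#P = \deg_y(Q)$. 

Proof. The points (i) and (ii) are proved by mutual induction on $M$ and $Q$. 

(i) We only treat the case $M = N_0[N_1,\ldots,N_h]$. 

($\Rightarrow$) First, let us call $\mathfrak P$ the set of all sequences $\vec P' = (P'_0,\ldots,P'_h)$ of bags such 
that $P'_0 \uplus \cdots \uplus P'_h = P$ and $\#P'_j = \deg_y(N_j)$ for all $j = 0,\ldots,h$. Also, note that by 
definition of linear substitution we have 

$$(N_0[N_1,\ldots,N_h])\langle P/y\rangle = \sum_{\vec P'\in\mathfrak P} N_0\langle P'_0/y\rangle[N_1\langle P'_1/y\rangle,\ldots,N_h\langle P'_h/y\rangle].$$

Hence, by definition of interpretation, we have that $(\vec a,\alpha) \in [\![M\langle P/y\rangle]\!]_{\vec x}$ iff there exist 
$\vec P' \in \mathfrak P$, $\alpha_1,\ldots,\alpha_h \in \mathcal D$, $\vec a_0,\ldots,\vec a_h \in \mathcal M_f(\mathcal D)^n$ such that $(\vec a_0,[\alpha_1,\ldots,\alpha_h]::\alpha) \in [\![N_0\langle P'_0/y\rangle]\!]_{\vec x}$, 
$(\vec a_j,\alpha_j) \in [\![N_j\langle P'_j/y\rangle]\!]_{\vec x}$ (for $1 \le j \le h$), and $\vec a = \uplus_{j=0}^h \vec a_j$. Now by 
applying the induction hypothesis (i) we obtain that: 

• $\exists d_0 \in \mathcal M_f(\mathcal D)$, $\exists\vec b_0,\vec c_0 \in \mathcal M_f(\mathcal D)^n$ such that $((\vec c_0,d_0),[\alpha_1,\ldots,\alpha_h]::\alpha) \in [\![N_0]\!]_{\vec x,y}$, 
$(\vec b_0,d_0) \in [\![P'_0]\!]_{\vec x}$, $\vec a_0 = \vec b_0 \uplus \vec c_0$, and $\#d_0 = \#P'_0$. 

• $\forall j = 1,\ldots,h$, $\exists d_j \in \mathcal M_f(\mathcal D)$, $\exists\vec b_j,\vec c_j \in \mathcal M_f(\mathcal D)^n$ such that $((\vec c_j,d_j),\alpha_j) \in [\![N_j]\!]_{\vec x,y}$, 
$(\vec b_j,d_j) \in [\![P'_j]\!]_{\vec x}$, $\vec a_j = \vec b_j \uplus \vec c_j$, and $\#d_j = \#P'_j$. 

Now let $\vec c = \uplus_{j=0}^h \vec c_j$, $\vec b = \uplus_{j=0}^h \vec b_j$, and $d = \uplus_{j=0}^h d_j$. Clearly $((\vec c,d),[\alpha_1,\ldots,\alpha_h]::\alpha) \in [\![M]\!]_{\vec x,y}$, 
$(\vec b,d) \in [\![P]\!]_{\vec x}$, and $\vec a = \vec b \uplus \vec c$. This concludes the proof of the ($\Rightarrow$) implication. 

($\Leftarrow$) Suppose that $\exists d \in \mathcal M_f(\mathcal D)$, $\exists\vec b,\vec c \in \mathcal M_f(\mathcal D)^n$ such that $((\vec c,d),\alpha) \in [\![M]\!]_{\vec x,y}$, 
$(\vec b,d) \in [\![P]\!]_{\vec x}$ and $\vec b \uplus \vec c = \vec a$. Now we observe that by the definition of interpretation 

• $\exists d_0,\ldots,d_h \in \mathcal M_f(\mathcal D)$, $\exists\vec c_0,\ldots,\vec c_h \in \mathcal M_f(\mathcal D)^n$ such that $((\vec c_0,d_0),[\alpha_1,\ldots,\alpha_h]::\alpha) \in [\![N_0]\!]_{\vec x,y}$, 
$((\vec c_j,d_j),\alpha_j) \in [\![N_j]\!]_{\vec x,y}$ (for $1 \le j \le h$), $\uplus_{j=0}^h \vec c_j = \vec c$, and $\uplus_{j=0}^h d_j = d$, and 
$\#d_j = \deg_y(N_j)$ (for $1 \le j \le h$). 

• $\exists P'_0,\ldots,P'_h \in \Lambda^b$, $\exists\vec b_0,\ldots,\vec b_h \in \mathcal M_f(\mathcal D)^n$ such that $\uplus_{j=0}^h P'_j = P$, $\uplus_{j=0}^h \vec b_j = \vec b$, 
$\#P'_j = \deg_y(N_j)$ (for $j = 0,\ldots,h$), and $(\vec b_j,d_j) \in [\![P'_j]\!]_{\vec x}$ (for $j = 0,\ldots,h$). 

Note that $\#d_j = \#P'_j$ (for $1 \le j \le h$). Now let $\vec a_j = \vec b_j \uplus \vec c_j$ (for $j = 0,\ldots,h$). Then 
by the induction hypothesis (i) we have that $(\vec a_0,[\alpha_1,\ldots,\alpha_h]::\alpha) \in [\![N_0\langle P'_0/y\rangle]\!]_{\vec x}$ and 
$(\vec a_j,\alpha_j) \in [\![N_j\langle P'_j/y\rangle]\!]_{\vec x}$ (for $1 \le j \le h$), and finally observing that $\vec a = \uplus_{j=0}^h \vec a_j$, we can 
conclude that $(\vec a,\alpha) \in [\![N_0\langle P'_0/y\rangle[N_1\langle P'_1/y\rangle,\ldots,N_h\langle P'_h/y\rangle]]\!]_{\vec x} \subseteq [\![M\langle P/y\rangle]\!]_{\vec x}$. 

(ii) We just consider the case $Q = \tau[N]$. By definition of interpretation we then have 
$[\![\tau[N\langle P/y\rangle]]\!]_{\vec x} = \{\vec a \mid (\vec a,*) \in [\![N\langle P/y\rangle]\!]_{\vec x}\}$. Hence applying the induction hypothesis 
(i) and the fact that $\tau[N]\langle P/y\rangle = \tau[N\langle P/y\rangle]$ we conclude that $[\![\tau[N]\langle P/y\rangle]\!]_{\vec x} = \{\vec a \uplus \vec b \mid 
\exists d \in \mathcal M_f(\mathcal D),\ \#d = \#P = \deg_y(Q),\ (\vec b,d) \in [\![P]\!]_{\vec x},\ ((\vec a,d)) \in [\![\tau[N]]\!]_{\vec x,y}\}$. □ 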
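
Lemma A.2 (Lemma 4.11, Regular Substitution Lemma). Let $M \in \Lambda^r$, $Q \in \Lambda^\tau$ and 
$\mathbb N \in 2\langle\Lambda^r\rangle$. We have: 

(i) $(\vec a,\alpha) \in [\![M\{\mathbb N/y\}]\!]_{\vec x}$ iff $\exists\beta_1,\ldots,\beta_k \in \mathcal D$, $k = \deg_y(M)$, $\exists\vec a_0,\ldots,\vec a_k \in \mathcal M_f(\mathcal D)^n$ such 
that $(\vec a_i,\beta_i) \in [\![\mathbb N]\!]_{\vec x}$ (for $1 \le i \le k$), $((\vec a_0,[\beta_1,\ldots,\beta_k]),\alpha) \in [\![M]\!]_{\vec x,y}$ and $\vec a = \uplus_{j=0}^k \vec a_j$, 

(ii) $\vec a \in [\![Q\{\mathbb N/y\}]\!]_{\vec x}$ iff $\exists\beta_1,\ldots,\beta_k \in \mathcal D$, $k = \deg_y(Q)$, $\exists\vec a_0,\ldots,\vec a_k \in \mathcal M_f(\mathcal D)^n$ such that 
$(\vec a_i,\beta_i) \in [\![\mathbb N]\!]_{\vec x}$ (for $1 \le i \le k$) and $(\vec a_0,[\beta_1,\ldots,\beta_k]) \in [\![Q]\!]_{\vec x,y}$ and $\vec a = \uplus_{j=0}^k \vec a_j$. 

Proof. The items (i) and (ii) are proved by mutual induction on $M$ and $Q$. 

(i) We only treat the case $M = N_0[N_1,\ldots,N_h]$. 

($\Rightarrow$) Suppose that $(\vec a,\alpha) \in [\![M\{\mathbb N/y\}]\!]_{\vec x}$. By definition of classic substitution we have 
$(N_0[N_1,\ldots,N_h])\{\mathbb N/y\} = N_0\{\mathbb N/y\}[N_1\{\mathbb N/y\},\ldots,N_h\{\mathbb N/y\}]$. Hence, by definition, $(\vec a,\alpha) \in 
[\![N_0\{\mathbb N/y\}[N_1\{\mathbb N/y\},\ldots,N_h\{\mathbb N/y\}]]\!]_{\vec x}$ if and only if there exist $\alpha_1,\ldots,\alpha_h \in \mathcal D$, $\vec a_0,\ldots,\vec a_h \in 
\mathcal M_f(\mathcal D)^n$ such that $(\vec a_0,[\alpha_1,\ldots,\alpha_h]::\alpha) \in [\![N_0\{\mathbb N/y\}]\!]_{\vec x}$, $(\vec a_j,\alpha_j) \in [\![N_j\{\mathbb N/y\}]\!]_{\vec x}$ for $1 \le j \le h$, 
and $\vec a = \uplus_{j=0}^h \vec a_j$. 

By applying the induction hypothesis (i) we obtain that 

• $\exists\delta_{0,1},\ldots,\delta_{0,\ell_0} \in \mathcal D$ for $\ell_0 = \deg_y(N_0)$, $\exists\vec b_{0,1},\ldots,\vec b_{0,\ell_0},\vec c_0 \in \mathcal M_f(\mathcal D)^n$ such that 
$((\vec c_0,[\delta_{0,1},\ldots,\delta_{0,\ell_0}]),[\alpha_1,\ldots,\alpha_h]::\alpha) \in [\![N_0]\!]_{\vec x,y}$, $(\vec b_{0,i},\delta_{0,i}) \in [\![\mathbb N]\!]_{\vec x}$ (for $1 \le i \le \ell_0$), 
$(\uplus_{i=1}^{\ell_0} \vec b_{0,i}) \uplus \vec c_0 = \vec a_0$, and 

• $\forall j = 1,\ldots,h$, $\exists\delta_{j,1},\ldots,\delta_{j,\ell_j} \in \mathcal M_f(\mathcal D)$, $\ell_j = \deg_y(N_j)$, $\exists\vec b_j,\vec c_j \in \mathcal M_f(\mathcal D)^n$ such that 
$((\vec c_j,[\delta_{j,1},\ldots,\delta_{j,\ell_j}]),\alpha_j) \in [\![N_j]\!]_{\vec x,y}$, $(\vec b_{j,i},\delta_{j,i}) \in [\![\mathbb N]\!]_{\vec x}$ (for $1 \le i \le \ell_j$), $(\uplus_{i=1}^{\ell_j} \vec b_{j,i}) \uplus \vec c_j = \vec a_j$. 

Now let $\vec c = \uplus_{j=0}^h \vec c_j$, $\vec b = \uplus_{j=0}^h \uplus_{i=1}^{\ell_j} \vec b_{j,i}$, $k = \sum_{j=0}^h \ell_j$ and $[\beta_1,\ldots,\beta_k] = \uplus_{j=0}^h [\delta_{j,1},\ldots,\delta_{j,\ell_j}]$. It 
is easy to see that $((\vec c,[\beta_1,\ldots,\beta_k]),\alpha) \in [\![M]\!]_{\vec x,y}$ and $\vec a = \vec b \uplus \vec c$. This concludes the proof of 
the right implication. 

($\Leftarrow$) Suppose that $\exists\beta_1,\ldots,\beta_k \in \mathcal D$, $\exists\vec b_1,\ldots,\vec b_k,\vec c \in \mathcal M_f(\mathcal D)^n$, $k = \deg_y(M)$, such that 
$((\vec c,[\beta_1,\ldots,\beta_k]),\alpha) \in [\![M]\!]_{\vec x,y}$, $(\vec b_i,\beta_i) \in [\![\mathbb N]\!]_{\vec x}$ (for $1 \le i \le k$), and $(\uplus_{i=1}^k \vec b_i) \uplus \vec c = \vec a$. Now we 
observe that by definition of interpretation 

• $\exists\alpha_1,\ldots,\alpha_h \in \mathcal D$, $\exists(\vec c_0,d_0),\ldots,(\vec c_h,d_h) \in \mathcal M_f(\mathcal D)^{n+1}$ such that $((\vec c_0,d_0),[\alpha_1,\ldots,\alpha_h]::\alpha) \in 
[\![N_0]\!]_{\vec x,y}$, $((\vec c_j,d_j),\alpha_j) \in [\![N_j]\!]_{\vec x,y}$ (for $1 \le j \le h$), $\uplus_{j=0}^h (\vec c_j,d_j) = (\vec c,[\beta_1,\ldots,\beta_k])$, and 
$\#d_j = \deg_y(N_j)$ (for $0 \le j \le h$). 

We focus for a moment on the fact that $(\vec b_i,\beta_i) \in [\![\mathbb N]\!]_{\vec x}$ (for $1 \le i \le k$) and $\uplus_{j=0}^h d_j = 
[\beta_1,\ldots,\beta_k]$. Thus there exists a way of partitioning the set $\{1,\ldots,k\}$ into $h+1$ subsets 
$X_0,\ldots,X_h$ in such a way that for all $j = 0,\ldots,h$ each $i \in X_j$ is such that $\beta_i \in d_j$. Then 
we let $\vec e_j = \uplus_{i\in X_j} \vec b_i$. 

Now let $\vec a_j = \vec e_j \uplus \vec c_j$ (for $j = 0,\ldots,h$). Then by induction hypothesis (i) we have that 
$(\vec a_0,[\alpha_1,\ldots,\alpha_h]::\alpha) \in [\![N_0\{\mathbb N/y\}]\!]_{\vec x}$ and $(\vec a_j,\alpha_j) \in [\![N_j\{\mathbb N/y\}]\!]_{\vec x}$ (for $1 \le j \le h$). Finally 
observing that $\vec a = \uplus_{j=0}^h \vec a_j$, we conclude $(\vec a,\alpha) \in [\![N_0\{\mathbb N/y\}[N_1\{\mathbb N/y\},\ldots,N_h\{\mathbb N/y\}]]\!]_{\vec x} = 
[\![M\{\mathbb N/y\}]\!]_{\vec x}$. 

(ii) We just consider the case $Q = \tau[M]$. By definition of interpretation we have 
$[\![\tau[M\{\mathbb N/y\}]]\!]_{\vec x} = \{\vec a \mid (\vec a,*) \in [\![M\{\mathbb N/y\}]\!]_{\vec x}\}$. Hence applying the induction hypothesis (i) 
and the fact that $\tau[M]\{\mathbb N/y\} = \tau[M\{\mathbb N/y\}]$ we conclude that $[\![\tau[M]\{\mathbb N/y\}]\!]_{\vec x} = \{\vec a \uplus (\uplus_{i=1}^k \vec b_i) \mid 
\exists\beta_1,\ldots,\beta_k \in \mathcal D,\ k = \deg_y(M),\ (\vec b_i,\beta_i) \in [\![\mathbb N]\!]_{\vec x}\ (1 \le i \le k),\ ((\vec a,[\beta_1,\ldots,\beta_k])) \in [\![\tau[M]]\!]_{\vec x,y}\}$. 

□ 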

Let $\ell$ be a function from $\mathbb N$ to $\mathbb N$. Given a natural number $k \in \mathbb N$ we write $\ell[n := k]$ for 
the map $\ell'$ which coincides with $\ell$, except on $n$, where $\ell'$ takes the value $k$. We let $\ell + k$ 
denote the function $\ell'$ defined by $\ell'(x) = \ell(x) + k$. 

In the following proofs we write $A \twoheadrightarrow_h^n B$ if $A$ reduces to $B$ in $n$ steps of head reduction, 
which is introduced in Section 7.5 for the full $\partial\lambda$-calculus with tests. 



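Lemma A.3. (Lemma 6.12) Let $\mathbb V \in 2\langle(\Lambda^\tau)^{lab}\rangle$ be a sum of labelled closed tests. If $\mathbb V \twoheadrightarrow \varepsilon$ 
then there exists a map $\ell : \mathbb N \to \mathbb N$ such that $\mathbb V^{(\ell+k)}$ is solvable for all $k \in \mathbb N$. 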



Proof. In the proof we use the characterization of solvable given in Theorem 6.5 ii). We 
proceed by induction on the length $n$ of a head reduction $\mathbb V \twoheadrightarrow_h \varepsilon$ (by Lemma 7.19). For 
the sake of simplicity we assume that in the sum $\mathbb V$ we first reduce a component that head 
reduces to $\varepsilon$ (only when $\mathbb V = \varepsilon + \mathbb W$ we start reducing within $\mathbb W$). 
Case n = 0. Then V = e and = Ax.x[] independently from £. 

Case n > 0. We have $\mathbb V \to_h \mathbb V' \twoheadrightarrow_h \varepsilon$. The proof is divided into sub-cases depending 
on the redex that is contracted. 

Subcase V = r[(fj(e))j, (L)j?] and V' = t[{L)?]. By induction hypothesis there is £' 
such that V'(^+ fc ) = \z.z[L^' +k ^ jg solvable for all k. From this it follows that 

£(£'+k)^£'{r)+k are so i vaD i e for all k. It is enough to take £ = £'[i := 0][j : = 0] to have 
y(i+k) = Xz.zKXx! . . . x k .\y.y[])W~ k , L^+ k ) \\~ e 'W+ k ] -» Xz.z[\y.y[], L^[]^ +k ] that is 
solvable because L^ +fc ) 



6.11 



2) and £{r) =£'{f). 



and, by Remark 



6.11 



2), M^+ k ) 



Subcase V = r[(fj(V))i, (L)f\ where V = t[(M)^\ / e, and V = r[(M)^, (L)?}. By 
induction hypothesis there is £' such that V , ^'+ fe ) = Xz.z[M^' +k ^ L^' +fc ) 
is solvable for all fc. From this it follows that M^' +k ) an d R?+k)^~e(?)+k are 

solvable for all k. It is enough to take £ = £'[i := 0][j := 0] to have 

y(e+k) = Xz.z[(\ Xl . . .x fc .A2/.y[Ai( m )[]~ £ (™) +/£ ])[]~ fe ,L( £+fe )[]~^)+ fe ] 
-» Az.z[Ay.y[M( m )[]~ £ (™)+ fe ],L( m )[ 

that is solvable because /(m) = £(m), £'(r) 
M^'+ fc ) and L( £+fc ) = U^ k \ 

Subcase V = t[(Ax.M);, (L) r ->] and V = r[(M{0/z}) i9 (L) f ]. Since V converges, we 
have x ^ FV(M) and M{0/x} = M. By induction hypothesis there is a map £' such 
that, for all k, Y'^'+V = \z.z[M^' +k ^ []^'«+ fe , []~*' (*=)+*=] is solvable. It is enough to 

take * = f [i := £'(i) + 1] to have V^+ fc ) = A^.z[(Ax.Af^+ /£ ))[]~ £ ( i )+ fc + 1 _ 1 _L^+ fc )[]~ £ ^+ fc ] -> 
\z.z[M( i+k )\\~ t ® +k , L[T m+k ] that is solvable for all k by Remark 

Subcase V = T[(fj(V)[]P)i, (L)?] and V = r[(fj-(V)P)i, (L) f 
there exists £' such that, for all k, the term 

V^' +fc ) = A*.*[(Axi . . .^ (j)+fc .y( £ ' +fc ))p( £ ' +fc )[]^'W +fc ,L^+ fe )[]^' (r ' )+fc ] is solvable. 

For £ = £'[j := £'(j) + 1] we have 

V^+ fe ) = \z.z[{\ Xl . . .x £ , {i)+fe+1 .y( £ + fc ))[]P (m) []^ W+fc ^ (m) []^ (r0+fc ] 
^ Az.z[(Ax 2 . . .x £;(j)+fc+1 .y( f + fc ))p( £ + fc )[]^«+ fc ,L( £+fc )[]^+ fe ] 
= a Az.z[(Axi . . . x P(j)+fc .y( £ + fc ))P( £+fe ) L( £+fc ) [}^+ k ] 

We conclude by Remark 6.1l| 2 ) and since £(f) = £'(r). 



6.11 



2) and^(f) = /(r). 



By induction hypothesis 
Subcase V = T[((Xx.M)QP)i, (L) r -] and V = t[(M(Q /x){Q/x}P) h (L) r -]. By IH, there 
is £ such that V'^ +fc ) = Az.z[M( m )(Q( £+fc )/x){0/x} J P^ +fc )[]~ £ ( l ) +fc ,L^ +fc )[]~ £ W+ fc ] is solv- 
able for all k. We conclude because 

v( £+fc ) = Az.z[(Ax.M( £+fc ))Q^ +fc ) J p( m )[]^ (i)+fc ,i (m) 0^ { ' )+/c ] ^V'( f+fc '. 

Subcase V = Vt + W and V = Vi + W with V 1 ^ h Y x -»J™ e for some m < n. By 
induction hypothesis there is I such that is solvable for all k. From the previous 

case analysis, there exists an £ such that, for all k, y^ +k ^ is solvable if and only if Y± + ^ 
is solvable. Then V^ +fc ) is solvable for all k, regardless the behaviour of W^ e+k \ 

Subcase V = e + W and V = e + W with W -» h W. Trivial. □ 



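Lemma A.4. (Lemma 6.13) Let $\mathbb V \in 2\langle(\Lambda^\tau)^{lab}\rangle$ be a sum of labelled closed tests. If $\mathbb V \twoheadrightarrow 0$ 
then there exists a natural number $k$ such that $\mathbb V^{(\ell+k)} \twoheadrightarrow 0$ for all $\ell : \mathbb N \to \mathbb N$. 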



Proof. We proceed by induction on the length $n$ of a head reduction $\mathbb V \twoheadrightarrow_h 0$ (by Lemma 7.19). 
Case n = 0. Then V = and = independently from 

Case n > 0. We have $\mathbb V \to_h \mathbb V' \twoheadrightarrow_h 0$. For the sake of simplicity we assume that in a 
test we always reduce a component head reducing to 0. The proof is divided into subcases. 

Subcase V = r[(fj(V))i, (L)?} where V = r[(M)a\ and V = r[(M)^, (L)p] . By induc- 
tion hypothesis there is k such that V'( £+fc ) = Xz.z[M^ +k ^ [~^)+* ) []~^*0+ fc ] -»£ 
for all I. Then either one of the M^ +k ^ or one of the £('+*) []~<(*D+* reduces to 0. 
From this it follows that, for all £, we have 

V( m ) = \z.z[(\ Xl . . .x, (j)+fc .Ay.y[M( m )[]^(™) +fc ])[]^« +fc ,L( m )[]^^ +fc ] 0. 

Subcase V = r[(Ax.M)», (L)^] and V = r[(M{0/x})j, By induction hypothesis 

there is k such that V'^ +fc ) = \z.z[(M{0/x}) (e+ ^ []^)+ k , B t+k ) for all £. 

For k! = k + 1 we have 

V( m ') = Az.z[(Ax.M^+ fc '))[]^)+ fc ',L^+ fe ')[]^ +fe '] 

-ty Az.z[(M{0/x})( £+fc ')[]^W+ fc ,L^+ fc ')[]~^+ fc ']. 

If x E FV(M) then Y^ +k '^ := and we are done. Otherwise, when x ^ FV(M), we 
have V( £+fc ') = Az.z[M^ ,+fc )[]^'W +fc , []-*(»")+*] where £' = (£ + l)[i := £{i)\, therefore 

Y^+ k ') for all £. 

Subcase V = T[(f j (V)PP) i , [L) ? ] with P ^ [] and V = 0. For every k > 1, we have 

V^+ fc ) = Az.z[(Axi . . .^ • )+fc .y( ^ + fc ))p( ^ + fc )p( ^ + fc )[]^( ^ )+^L( ^ + fc )[]^«+ fc ] 

-»0 Az.z[(Ax 2 . ..i {(3)+fe y( f+fc ){F( l+fc )/3;){0/3;})F( w )[]~ ? ( , ) +i ,l( w )[]~ < ( r > fe ]. 

This is equal to since, by definition of {£ + fe)-expansion, x\ ^ FV(V^ +fc )). 

Subcase V = r[(f j (y)[]P) i , (L)^] and V = T[(f j (V)P) i , (L) r -]. By induction hypothesis 
there exists k such that, for all £, we have 

V^ +fc ) = A*.*[(Asi . . .x, . )+fc .y^ +fe )) J P^)[]~ £ «+ fc ,L^+ fc )] 0. 
For fc' = k + 1 we have 

V( £+fc ') = Az.«[(Axi . ..x^ )+ ^.WW)0p(WQ~Ai)+^ ) L(Wp~/(*O+fc'] 
Az.z[(Ax 2 . . .x, a)+fc ,.y(^')) J P^+ fc ')[]^)+ fe ',L( £ + fc ')[]~^+fc'] 
= \z.z[(\ Xl . . .x,, - )+fc .y^+ fc )) J P^ +fe )[]^'« +fc ,L( £ '+ fc )[]^'«+ fc ] 
where $\ell' = (\ell + 1)[j := \ell(j)]$. 

Subcase V = t[{(\x.M)PP% (L) r -] and V = t[(M(P/x){0/x}P% (L)?\. Now, if 
deg x (M) 7^ #P then V' = and we are done. Otherwise, by induction hypothesis, there is 
k such that, for all £, we have 

V'( £+fc ) = \z.z[M^ +k ^P^/x){0/x}P'^[r e ^ + \L^ 0. 

This case follows since = \z.z[{\x.M^+ k ))P^+ k ) P'^+ k ) [}^)+ k , Z^+ fc ) 

V /(£+fc)_ 

Subcase V = Vi + W and V = Vi + W with V\ -> h Y' v By induction hypothesis 
there is k' such that V'( £ + fc ') = yV+W + W^ +fc ') for all I From the previous case 
analysis we get a k > k! such that vf +h -»p 0. We conclude since V^ +fc = V^ +fc + W m = 



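Lemma A.5. (Lemma 8.5) Let $A \in \Lambda^e$, $N \in \Lambda^r$ and $\mathbb N \in 2\langle\Lambda^r\rangle$. Then: 

(i) $(A\langle N/x\rangle)^\circ = A^\circ\langle N^\circ/x\rangle$, 

(ii) $(A\{\mathbb N/x\})^\circ = \bigcup_{P\in\mathcal M_f(\mathbb N^\circ)} A^\circ\langle P/x\rangle\{0/x\}$. 

Proof. 

(i) By structural induction on $A$. We only treat the case $A = M[\vec L,\mathbb N^!]$. Observe that 

$$A^\circ = \bigcup_{P'\in\mathcal M_f(\mathbb N^\circ)} M^\circ([\vec L^\circ] \uplus P').$$

By definition of linear substitution we have 

$$\begin{aligned}
(A\langle N/x\rangle)^\circ 
&= (M\langle N/x\rangle[\vec L,\mathbb N^!])^\circ \cup \bigcup_{i=1}^k (M[L_1,\ldots,L_i\langle N/x\rangle,\ldots,L_k,\mathbb N^!])^\circ \cup (M[\vec L,\mathbb N\langle N/x\rangle,\mathbb N^!])^\circ \\
&= \bigcup_{P\in\mathcal M_f(\mathbb N^\circ)} (M\langle N/x\rangle)^\circ([\vec L^\circ] \uplus P) \cup \bigcup_{P'\in\mathcal M_f(\mathbb N^\circ)} \bigcup_{i=1}^k M^\circ([L_1^\circ,\ldots,(L_i\langle N/x\rangle)^\circ,\ldots,L_k^\circ] \uplus P') \\
&\qquad \cup \bigcup_{P''\in\mathcal M_f(\mathbb N^\circ)} M^\circ([\vec L^\circ,(\mathbb N\langle N/x\rangle)^\circ] \uplus P'') \\
&= \bigcup_{P\in\mathcal M_f(\mathbb N^\circ)} M^\circ\langle N^\circ/x\rangle([\vec L^\circ] \uplus P) \cup \bigcup_{P'\in\mathcal M_f(\mathbb N^\circ)} \bigcup_{i=1}^k M^\circ([L_1^\circ,\ldots,L_i^\circ\langle N^\circ/x\rangle,\ldots,L_k^\circ] \uplus P') \\
&\qquad \cup \bigcup_{P''\in\mathcal M_f(\mathbb N^\circ)} M^\circ([\vec L^\circ,\mathbb N^\circ\langle N^\circ/x\rangle] \uplus P'') \qquad \text{by induction hypothesis,} \\
&= \bigcup_{P\in\mathcal M_f(\mathbb N^\circ)} (M^\circ([\vec L^\circ] \uplus P))\langle N^\circ/x\rangle \\
&= A^\circ\langle N^\circ/x\rangle
\end{aligned}$$

(ii) By structural induction on $A$. Also here we only treat one case, namely $A = M[\vec L,\mathbb M^!]$ 
(where $\vec L$ has length $k$). In such a case we have 

$$\begin{aligned}
\bigcup_{P\in\mathcal M_f(\mathbb N^\circ)} A^\circ\langle P/x\rangle\{0/x\} 
&= \bigcup_{P'\in\mathcal M_f(\mathbb M^\circ)} \bigcup_{P\in\mathcal M_f(\mathbb N^\circ)} (M^\circ([\vec L^\circ] \uplus P'))\langle P/x\rangle\{0/x\} \\
&= \bigcup_{P'\in\mathcal M_f(\mathbb M^\circ)} \bigcup_{P_0,P_1,P_2\in\mathcal M_f(\mathbb N^\circ)} M^\circ\langle P_0/x\rangle\{0/x\}([\vec L^\circ]\langle P_1/x\rangle\{0/x\} \uplus P'\langle P_2/x\rangle\{0/x\}) \\
&= \bigcup_{P\in\mathcal M_f((\mathbb M\{\mathbb N/x\})^\circ)} (M\{\mathbb N/x\})^\circ(([\vec L]\{\mathbb N/x\})^\circ \uplus P) \\
&= (M\{\mathbb N/x\}[\vec L\{\mathbb N/x\},\mathbb M\{\mathbb N/x\}^!])^\circ \\
&= (A\{\mathbb N/x\})^\circ
\end{aligned}$$

where the third equality holds by induction hypothesis, using the fact that 
$\bigcup_{P'\in\mathcal M_f(\mathbb M^\circ)} \bigcup_{P_2\in\mathcal M_f(\mathbb N^\circ)} P'\langle P_2/x\rangle\{0/x\}$ is equal to 
$\mathcal M_f(\bigcup_{P\in\mathcal M_f(\mathbb N^\circ)} \mathbb M^\circ\langle P/x\rangle\{0/x\})$. □ 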